SIM card hacking or SIM swapping is a growing problem in the United States and abroad. With the rise of cryptocurrency, more hackers are targeting holders of large amounts of digital investments. A SIM card swap hack occurs when a third-party gains unauthorized access to your mobile device and uses it to infiltrate your cryptocurrency accounts.
At Levin Law, P.A., we represent crypto investors who have sustained financial losses due to a SIM card swapping hack or other security breaches. Aggrieved Investors are strongly encouraged to contact Levin Law, P.A. for a free case evaluation.
Contact managing partner Brian Levin directly at (855) 419-2412 or via email at email@example.com to discuss whether you may be eligible to pursue a lawsuit or arbitration to recover damages.
A SIM card hijacking can occur within minutes. Using vulnerabilities in a mobile carrier’s security systems, a third party gains unauthorized access to a customer’s account. Generally, your information is obtained by the hacker through some sort of fraud, data breach, or other security failures.
The hacker then uses your personal information to convince a mobile carrier to switch your SIM or Subscriber Identity Module, which authenticates your phone account to another account. Once the SIM card swap is complete, the third party can use your number to bypass two-factor authentication requests through text and phone calls.
The hacker has control over your phone and can use that control to gain access to any of your accounts, including wallets or exchanges where your cryptocurrency is stored.
In a recent case, a T-Mobile customer suffered significant losses after the company allowed a hacker unauthorized access to their account multiple times. The account holder is alleging that the company’s gross negligence in allowing the hacker to repeatedly infiltrate their security systems resulted in the loss of $8.7 million in cryptocurrency.
As in the T-Mobile case, hackers use several strategies to overcome the cellular provider’s two-factor authentication security measures obtaining a new data-rich SIM card with all of the customer’s information. The information is transferred by the cellular company to a device controlled by the hacker, who then uses it to gain access to their personal and financial accounts. The outcome is generally a total loss of digital investments, which are quickly transferred to the hacker’s account.
Despite being warned of the threat and knowing of potential vulnerabilities in their security systems, many mobile carriers failed to further secure their data. Over 50 million T-Mobile customers had their personal information exposed as a result of a 2021 cyberattack.
The hacker was later revealed to be John Binns, a 21-year-old American living in Turkey. In an interview with the Wall Street Journal, he discussed the mobile carrier’s flawed security system, which allowed him access to customers’ critical personal information, including names, birth dates, driver’s license numbers, and social security numbers.
Entering through an “unprotected router,” Binns was able to access the information that is later used by hackers in SIM Swapping Scams and other fraudulent schemes. Cellular companies, knowing these risks, have taken little to no additional measures to protect their customers or safeguard personal data.
Large holders of cryptocurrency and other digital investments are often targeted by hackers in SIM Card Swaps. The problem is not unique to one specific carrier. Hackers have exposed weaknesses in all of the top carriers, including T-Mobile, AT&T, and Verizon.
In 2018, Robert Ross had his life savings stolen in a matter of minutes. A SIM card swapping scheme allowed a hacker to gain access to the two exchanges where he stored approximately $1 million in digital assets. The hacker obtained authorization by calling his cellular provider, AT&T, and pretending to be the account holder.
While cellular providers must do more to protect their customers’ personal information, crypto investors should take proactive steps to secure their assets. It is important that investors protect their digital wallets and enroll in identity theft monitoring.
Passwords should be updated regularly and strengthened to include a mix of uppercase and lowercase letters, numbers, special characters. Passwords should never contain easily accessible information such as the name of a pet, birthdays, phone numbers, or anniversaries.
Lastly, PIN codes should be assigned to mobile devices and accounts. Crypto investments should be kept on multiple exchanges, with the bulk of the asset stored in a cold wallet. In the event that your device is hacked, notify your cellular provider and law enforcement immediately.
Crypto investors who have sustained losses as the result of a SIM card swap hack, fraudulent scheme, security breach, or other negligence are encouraged to contact Levin Law, P.A. Call (855) 419-2412 or email firstname.lastname@example.org for a free case evaluation to determine whether you may be eligible to pursue a lawsuit or arbitration to recover damages.