What matters, in my opinion, is the SIM swap attack, nothing specific to recent T-Mobile/Google Fi leaks, unless of course some of the information that leaked was used to convince service staff to do the SIM swap.
Unlike for other customers, the email regexer received contained more detailed information about the hack he suffered weeks prior.
“Other data related to your Google Fi account also may have been accessed without authorization, such as a zip code, and the service/emergency address associated with your account,” read the email, which regexer shared with TechCrunch. “Additionally, on January 1, 2023 for about 1 hour 48 minutes, your mobile phone service was transferred from your SIM card to another SIM card. During the time of this temporary transfer, the unauthorized access could have involved the use of your phone number to send and receive phone calls and text messages. Despite the SIM transfer, your voicemail could not have been accessed. We have restored Google Fi service to your SIM card.”
I've been hoping (without good reason apparently) that Google Fi accounts would be harder to social engineer and SIM swap. Since we all know it's impossible to get a human at Google to talk to you, I figured an attacker would have to take over my Google account in order to compromise my phone number instead of the other way around.
Is there any info on how the attacker managed to do the SIM swap against the Google Fi victim?
4 comments
[ 3.6 ms ] story [ 25.8 ms ] thread“Other data related to your Google Fi account also may have been accessed without authorization, such as a zip code, and the service/emergency address associated with your account,” read the email, which regexer shared with TechCrunch. “Additionally, on January 1, 2023 for about 1 hour 48 minutes, your mobile phone service was transferred from your SIM card to another SIM card. During the time of this temporary transfer, the unauthorized access could have involved the use of your phone number to send and receive phone calls and text messages. Despite the SIM transfer, your voicemail could not have been accessed. We have restored Google Fi service to your SIM card.”
https://images.ctfassets.net/c5bd0wqjc7v0/3Ku5foxu1kUTXa3l5x...
Is there any info on how the attacker managed to do the SIM swap against the Google Fi victim?