VIEWpoint Issue 1 | 2023
Three different cybercriminal organizations claim to have infiltrated T-Mobile in more than 100 separate incidents throughout 2022.
In the most recent attack, lasting through January 2023, hackers phished T-Mobile employees to get into internal company systems and reach customers’ data. The cybercriminals were able to divert any T-Mobile user’s text messages and phone calls to another device, a technique known as “SIM swapping.” SIM swapping involves temporarily seizing control of a target’s mobile phone number. To complete the swap, the hacker needs the customer’s phone number and the serial number tied to the new SIM card used to receive text messages and phone calls from the hijacked phone number. A SIM swap against T-Mobile customers can fetch a price tag of up to $1,500 per account.
You may be asking yourself, how are these hackers gaining access to T-Mobile at this frequency? The hackers employ a group of people, dubbed “callers,” to trick T-Mobile employees by posing as the company’s IT department. From there, they get the employee to visit a phishing website that mimics the company’s employee login page. Once the employee logs in, the hackers steal the employee’s credentials. Some people view these crimes as “low tech,” but in actuality these scams are very complex and have a lot of moving parts to ensure the hackers get in and out without being detected. Countless websites and online services use SMS text messages for both password resets and multi-factor authentication. This means stealing someone’s phone number can often let cybercriminals hijack the target’s entire digital life very quickly.
As of 2022, T-Mobile reported revenues of $80 billion and 71,000 employees. Over the last five years, T-Mobile has experienced multiple breaches of customer data. In July 2022, T-Mobile agreed to pay customers $350 million from a class action lawsuit after the company disclosed in August 2021 that personal data, including Social Security numbers and driver’s license info, had been stolen. Nearly 80 million U.S. residents were affected by this breach. At the same time, T-Mobile announced it would be investing $150 million through 2023 to fortify its data security and other technologies. Prior to the August 2021 intrusion, the company disclosed breaches in January 2021, November 2019 and August 2018 in which customer information was accessed.
Any business, regardless of size, can be hacked through these same tactics. To make sure your employees do not fall victim to “callers,” establish a security-centric culture so they have the tools and knowledge they need to avoid unknowingly giving away company data. A quality cybersecurity culture includes:
Another way to protect yourself is to have a cybersecurity assessment performed. By conducting a formal cybersecurity assessment, you can understand the risks related to your hardware and software, run simulated phishing tests on unsuspecting employees, identify any potential vulnerabilities and implement internal controls and other protective measures to reduce risk. The value of a cybersecurity assessment comes from understanding where your security gaps are, what next steps need to be taken, who needs to be involved in your cybersecurity measures and how to make informed investments.
It is more important than ever to ensure your organization is prepared to identify potential threats early on and reduce your security exposure to heightened risks. As seen through the T-Mobile breach, this can be happening without your knowledge. No matter the current status of your cybersecurity program, Doeren Mayhew’s IT Advisory and Security team can guide you through understanding your security position, offer solutions to keep you protected and implement strategies to combat attacks, positioning your organization to turn risks into opportunities. For more information about our cybersecurity service provider offerings, contact us today.
This publication is distributed for informational purposes only, with the understanding that Doeren Mayhew is not rendering legal, accounting, or other professional opinions on specific facts or matters, and, accordingly, assumes no liability whatsoever in connection with its use. Should the reader have any questions regarding any of the news articles, it is recommended that a Doeren Mayhew representative be contacted.