Hackers break into Verizon’s prepaid accounts

Share post:

Verizon has notified some prepaid customers that their accounts have been compromised and their phone numbers may have been hijacked by attackers via SIM swaps.

“We determined that between October 6 and October 10, 2022, a third-party actor accessed the last four digits of the credit card used to make automatic payments on your account,” Verizon said in an alert published this week.

Fraudsters who obtained people’s last four-digit credit card numbers, possibly by exploiting some of Verizon’s online services, used that information to gain control of their accounts.

They then access personal information and performed a SIM swap, transferring the victim’s phone number to another person’s device, allowing the stranger to use the number and all one-time security codes to hijack the victim’s other online accounts.

Verizon claims to have prevented further unauthorized access to its customers’ accounts and has found no evidence that the attack is still ongoing. It also reset the Account Security Codes (PINs) for an unknown number of customers.

The attackers could not access the full credit card number or bank details, financial information, passwords, social security numbers, tax identification or other personal information of customers because user accounts do not contain this information.

However, Verizon said the attackers may have gained access to compromised account names, phone numbers, billing addresses, price plans and other service-related information.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Cyber Security Today, June 21, 2024 – US to ban Kaspersky for businesses, consumers

U.S. to ban the sale of Kaspersky products to consumers and businesses. Welcome to Cyber Security Today. It's Friday...

Biden administration to ban US sales of Kaspersky software over ties to Russia

The Biden administration is set to announce a ban on the sale of Kaspersky Lab's antivirus software in...

Security bug may allow anyone to spoof Microsoft employee emails

A security researcher claims to have discovered a bug that enables anyone to impersonate Microsoft corporate email accounts,...

Cyber Security Today, June 19, 2024 – How an attacker hid on an IT network for three years

How an attacker hid on an IT network for three years Welcome to Cyber Security Today. It's Wednesday June...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways