October 20, 2022

Verizon has notified some prepaid customers that their accounts have been compromised and their phone numbers may have been hijacked by attackers via SIM swaps.

“We determined that between October 6 and October 10, 2022, a third-party actor accessed the last four digits of the credit card used to make automatic payments on your account,” Verizon said in an alert published this week.

Fraudsters who obtained people’s last four-digit credit card numbers, possibly by exploiting some of Verizon’s online services, used that information to gain control of their accounts.

They then access personal information and performed a SIM swap, transferring the victim’s phone number to another person’s device, allowing the stranger to use the number and all one-time security codes to hijack the victim’s other online accounts.

Verizon claims to have prevented further unauthorized access to its customers’ accounts and has found no evidence that the attack is still ongoing. It also reset the Account Security Codes (PINs) for an unknown number of customers.

The attackers could not access the full credit card number or bank details, financial information, passwords, social security numbers, tax identification or other personal information of customers because user accounts do not contain this information.

However, Verizon said the attackers may have gained access to compromised account names, phone numbers, billing addresses, price plans and other service-related information.

The sources for this piece include an article in BleepingComputer.