Viewing a single comment thread. View all comments

statuek t1_j758ajo wrote

please read into the details of the security incident before taking this random user's stance at face value btw :)

7

maddkid53 t1_j76bykz wrote

People got SIM swapped as a result of this breach. Google itself was not breached, but TMO was, and Google rides TMO's network. Yes, no personal information was taken, but a phone number and SIM pairing is enough to swap a high profile target (and TMO's previous breaches have resulted in PII getting exfil'd). Verizon is also generally known as the hardest carrier to SIM swap (though not infallible). This probably doesn't matter for the average person, but if you have a job that grants you access to valuable information, or are another juicy target (journalist, lawyer, activist), you don't want to get swapped. Verizon got breached last year too, but they also have swapping protections built into their account security options.

https://www.bleepingcomputer.com/news/security/google-fi-data-breach-let-hackers-carry-out-sim-swap-attacks/

Curious for your take on the breach though, since you didn't actually share any information. Let me know if I got anything wrong.

2

statuek t1_j77f8q9 wrote

Cool, you're probably right here :) The first post in this thread just felt kinda FUD-y to me, but seems I was wrong. Thanks for the link, I'll read this in the evening!

1

maddkid53 t1_j7z27vg wrote

I work in the infosec space and we have tier-1 mobile carriers as clients, no FUD here. As much as I hate the huge carriers for their shitty business practices, I do want their users to be secure! I tried to package the information for the layman in my first comment, but I should've at least included a source, you're right.

1