HQ/EMEAFind out how we can help your business
Kroll, a risk and financial advisory solutions company, revealed that it suffered a data breach incident after one of its employees fell victim to a sophisticated SIM-swapping operation. Based on reports, the incident occurred earlier this week and targeted the firm’s employee’s T-Mobile account.
The firm said the attackers specifically targeted T-Mobile without authorisation or contact with them or its employees. The threat actors transferred the victim’s phone number to an attacker-controlled phone at their request.
The operation allowed the threat actors to acquire access to specific files that store the personal information of bankruptcy claimants, like FTX, Genesis, and BlockFi.
The SIM-swapping attack against a Kroll employee became successful.
Like a common operation that employs such a tactic, the SIM swapping on Kroll is an unsophisticated campaign but damaging if successful. Threat actors could exploit a victim to fraudulently activate a SIM card that they control with its victim’s phone number. The technique could allow the attackers to intercept voice calls, SMS messages, and MFA-related.
Fraudsters commonly execute the SIM swapping technique by phishing or social media to collect personal details about their targets, such as birthdays, mother’s maiden names, and past schools they attended. Next, the scammers will use these details to deceive cellular carriers to port their victim’s phone numbers to one of their controlled SIM cards.
Kroll emphasised that it immediately secured the affected accounts and notified the affected individuals through email. Furthermore, the company claimed their investigation has not seen that the attack affected their other systems or accounts.
The incident’s disclosure came days after the co-founder of Blockchain Capital filed a lawsuit against an undisclosed hacker who stole more than $6 million worth of cryptocurrency in an alleged SIM-swapping operation.
In a related incident, the U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) encouraged telecommunications providers to utilise more potent security protocols to prevent SIM swapping, including allowing customers to lock their accounts and enforcing rigorous identity verification restraints.
Experts advise everyone to research more about SIM-swapping attacks to avoid falling victim to hackers currently adopting such a strategy.
