Carding
Professional
- Messages
- 2,870
- Reaction score
- 2,511
- Points
- 113
Are you sure about your operator?
Kroll, a global leader in security consulting services, has revealed that one of its employees was exposed to a SIM-swapping attack, which led to a leak of user data from various cryptocurrency platforms with which the company cooperates.
Cryptocurrency lender BlockFi and previously bankrupt trading platform FTX reported a data security breach due to a recent attack on a Kroll employee dealing with the bankruptcy of both companies.
In an official statement, Kroll said that on August 19, 2023, an employee of the company was attacked using his number on the T-Mobile network. "T-Mobile transferred our employee's number to attackers without any notification or permission from Kroll," the statement reads. As a result, the attackers gained access to files containing personal information of BlockFi, FTX and Genesis clients.
The SIM-swapping attack against a Kroll employee increased the risk for BlockFi, FTX, and Genesis customers to fall victim to similar attacks or phishing attempts. Some customers have already reported suspicious emails suggesting that they start withdrawing digital assets from their FTX accounts.
Most of Kroll's business involves helping organizations manage cyber risks. Although the company investigates data security breaches and provides identity protection services, its employees apparently did not take into account the risks associated with using T-Mobile for wireless communication.
The attack on Kroll is a reminder of the need to minimize dependence on mobile operators for security issues. For example, many online services require you to provide a phone number when registering an account, but then you can delete this number from your profile.
Kroll, a global leader in security consulting services, has revealed that one of its employees was exposed to a SIM-swapping attack, which led to a leak of user data from various cryptocurrency platforms with which the company cooperates.
Cryptocurrency lender BlockFi and previously bankrupt trading platform FTX reported a data security breach due to a recent attack on a Kroll employee dealing with the bankruptcy of both companies.
In an official statement, Kroll said that on August 19, 2023, an employee of the company was attacked using his number on the T-Mobile network. "T-Mobile transferred our employee's number to attackers without any notification or permission from Kroll," the statement reads. As a result, the attackers gained access to files containing personal information of BlockFi, FTX and Genesis clients.
The SIM-swapping attack against a Kroll employee increased the risk for BlockFi, FTX, and Genesis customers to fall victim to similar attacks or phishing attempts. Some customers have already reported suspicious emails suggesting that they start withdrawing digital assets from their FTX accounts.
Most of Kroll's business involves helping organizations manage cyber risks. Although the company investigates data security breaches and provides identity protection services, its employees apparently did not take into account the risks associated with using T-Mobile for wireless communication.
The attack on Kroll is a reminder of the need to minimize dependence on mobile operators for security issues. For example, many online services require you to provide a phone number when registering an account, but then you can delete this number from your profile.
