BleepingComputer reports that Verizon has disclosed that some of its prepaid customers had their accounts accessed, with exposed credit card information later used in SIM swapping attacks.
Threat actors were able to infiltrate Verizon's system between Oct. 6 and Oct. 10 to obtain access to the last four digits of credit cards used for automated payments, which were then used to access Verizon accounts, according to Verizon, which noted that unauthorized SIM card changes processed by the attackers have already been reversed, while additional unauthorized access has already been blocked. Verizon has also performed Account Security Code resets for an undisclosed number of prepaid customers even though there has no longer been evidence suggesting ongoing malicious activity.
"We recently identified possible unauthorized activity involving about 250 prepaid wireless accounts. We secured these accounts and put in place additional measures to protect our customers from further unauthorized access or fraud," said a Verizon spokesperson, who added that affected customers have already been informed regarding necessary steps for improving account security.
