Skip to Content
Policy

Hackers Are Coming for Your Cell-Phone Number

August 22, 2017

If you suddenly lose control of a host of Web services at once, there could be a simple root cause: hackers have taken control of your phone number. The New York Times reports that hackers have been increasingly able to convince carriers to transfer customer phone numbers to devices in their control. That allows them to reset passwords for sites secured using two-factor authentication, a feature that is now used widely by sites like Twitter and Facebook.

You might be particularly concerned if you’re an early adopter of cryptocurrencies, as attackers appear to be focusing attentions on commandeering logins for currency lockers and then draining them. The Times points to the particularly troubling experience of Joby Weeks, a Bitcoin entrepreneur who lost “about a million dollars’ worth of virtual currency” last year via this kind of scam, even though he had alerted his cell carrier that he might have been targeted.

Earlier this month, Wired published an interesting piece highlighting the newfound status of the phone number as “the only username that matters.” From the article:

WhatsApp was among the first apps to equate your account with your phone number. Now apps like Snapchat, Twitter, and Facebook Messenger do it too. Starting this fall, setting up your iPhone will be as easy as punching in your number. The supposedly super-secure way of logging into apps involves texting you a secret code to verify your identity. Phone numbers are killing the username, killing the password, and making it easier than ever to go wild online.

That sounds awfully convenient. But held up alongside the findings of the Times, it also seems rather terrifying.

Deep Dive

Policy

What happened to the microfinance organization Kiva?

A group of strikers argue that the organization seems more focused on making money than creating change. Are they right?

Six ways that AI could change politics

A new era of AI-powered domestic politics may be coming. Watch for these milestones to know when it’s arrived.

Cryptography may offer a solution to the massive AI-labeling problem 

An internet protocol called C2PA adds a “nutrition label” to images, video, and audio.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.