If you suddenly lose control of a host of Web services at once, there could be a simple root cause: hackers have taken control of your phone number. The New York Times reports that hackers have been increasingly able to convince carriers to transfer customer phone numbers to devices in their control. That allows them to reset passwords for sites secured using two-factor authentication, a feature that is now used widely by sites like Twitter and Facebook.
You might be particularly concerned if you’re an early adopter of cryptocurrencies, as attackers appear to be focusing attentions on commandeering logins for currency lockers and then draining them. The Times points to the particularly troubling experience of Joby Weeks, a Bitcoin entrepreneur who lost “about a million dollars’ worth of virtual currency” last year via this kind of scam, even though he had alerted his cell carrier that he might have been targeted.
Earlier this month, Wired published an interesting piece highlighting the newfound status of the phone number as “the only username that matters.” From the article:
Don’t settle for half the story.
Get paywall-free access to technology news for the here and now.