top of page

Kroll Employee Falls Victim to SIM Swapping Attack

In a recent turn of events, prestigious risk management and advisory firm, Kroll, revealed that a member of its workforce was subjected to an advanced form of cybercrime known as SIM swapping. The breach, which occurred on August 19th of 2023, was aimed at the staff member's T-Mobile account, as per Kroll's declaration.

To elaborate, T-Mobile transferred the mobile phone number of the employee to an unknown entity, all without the consent or contact with Kroll or the person involved. The transfer of the number was not instigated or approved by Kroll or its team member, making it an unauthorized act that potentially compromised the security of Kroll’s data infrastructure.

As a result, the unknown assailant managed to garner access to select data which encompassed the personal information of those making bankruptcy claims linked to BlockFi, FTX, and Genesis, marking a critical data violation.

Most individuals know SIM swapping as the simple act of duplicating or switching their registered phone number to a new SIM card. However, this seemingly harmless process can be manipulated by malicious entities to activate a SIM card under their watch, governed by their victim's phone number. In essence, the offender takes control of the SMS and voice call scheme, including MFA-controlled online account access.

Such malicious activities are commonly achieved by phishing or exploiting social media to amass personal details regarding potential targets. Information such as birthdays, mother's maiden names, and even their high schools, enables these invaders to convince telecom operators convincingly, to port the victim's phone number to the offender’s SIM card.

Nonetheless, Kroll has been proactive in dealing with the incident and promptly secured the three affected accounts. Kroll has also made conscious efforts to inform the impacted parties of the situation. As inquiries continue into the matter, Kroll asserts the absence of suspicion that any other systems or accounts have been compromised in the incident.

Kroll's announcement of the incident occurred soon after Bart Stephens, co-founder of Blockchain Capital, accused an anonymous hacker of stealing cryptocurrency worth $6.3 million through a suspected SIM swap attack, implying a rising concern in cybersecurity.

Earlier, the Cyber Safety Review Board (CSRB), an arm of the U.S. Department of Homeland Security, had recommended telecommunications services to employ robust security protocols to mitigate threats posed by SIM swapping attacks. Recommended measures included providing options for account lockdowns to customers and stricter identity verification processes.

In light of these incidents, it becomes increasingly clear that users should consider alternatives to SMS-based two-factor authentication (2FA) mechanisms. Cybersecurity experts often suggest the use of phishing-resistant security measures for improved security of online accounts.

Keeping up with daily updates and tips on cybersecurity can greatly enhance your knowledge of the ever-evolving landscape of digital security, gearing you up to face potential cybersecurity threats. At Darksteel Technologies, we are an Orlando based business that can handle all aspects of your IT security. Providing compliance, training, malware protection, cloud security, devsecops, vulnerability management, penetration testing, architecture design and any other information security requirement your business needs. We focus on your cybersecurity so you don't have to.


Commenting has been turned off.
bottom of page