[nym]

I was targeted this evening by a hacker who ported my phone number, and then got into FB + Yahoo (SMS reset).

The motive appears to be bitcoin, based on the people contacted via facebook.

Is it possible the initial PIN that was sent by Tmobile was intercepted via SS7? I am trying to find out if my phone (android) is compromised as well.

The accounts and phone number are back under my control but I want to find out the vector as soon as possible -I don't trust tmobile to honor requests not to allow porting.

[sasas]

What a frightening experience! I'm sorry this happened to you. Curious to understand how these attacker obtain your phone number in the first place? I mean it's not something you publish widely right?

[always_good]

If you know somebody's name, you have enough information to call each carrier until you get a hit and then escalate from there.

[nym]

Unfortunately I don't guard my name + number like I do my passwords. Who knows how they found it, in a post equihax world I'm not sure anyone can consider this private.

[kevingrahl]

I don’t mean to say it was OP’s fault but you shouldn’t really use your primary phone number for 2FA anyways. Using a burner dumb phone dedicated only for 2FA should be standard, right?

[Hanswurst133742]

Standard? As far as I know, the majority of users dont even use 2FA at all. How do you expect them to have a dedicated phone for it...

[nym]

It turns out the hacker stole a dealer's ID which meant the OTP sent to my phone was never needed / used. The dealer id overrides the need for a password.

[nym]

Does Tmobile offer 2FA that isn't SMS based?