Every time that there is a leak like this it’s infinitely aggravating how the spin department tries to downplay what happened. If you are using SMS based MFA you probably want to stop doing that now.

    • @cybervseas
      link
      English
      1211 months ago

      I don’t think people understand the impact of IMEI and SIM serial being compromised. I’m not sure I fully do, either. This feels like when a mechanic gives you too much technical information that you don’t know how to process.

        • @cybervseas
          link
          English
          211 months ago

          Mint is a mobile carrier so they have this information about your phone.

      • Alto
        link
        fedilink
        411 months ago

        People really, really hate clicking past the post, even if it’s just to a screenshot.

        Heaven forbid its an article

    • FuglyDuck
      link
      English
      411 months ago

      To clarify for people wondering, SIM and IMEI information is how the system knows your phone is… your phone.

      Cloning it is supposed to be hard, but with it, they can receive 2FA messages like “Is This You? Text Y back!”.

      It’s actually super easy, if they have enough information, to convince a carrier’s customer service that they are you (remember… never work the system when you can work the people who manage it.)