Breaking News Near Me | Trending News

You could be hacked through your old phone number, claim researchers

When you ditch your old phone number for a new one, the old one is often assigned to some other customer, something which can be called as number recycling. Researchers at Princeton University believe that the phone number recycling can be dangerous and comes with security and privacy risks. Kevin Lee and Arvind Narayanan, researchers at Department of Computer Science and Center for Information Technology Policy, Princeton University, carried out a study in which they sampled 259 phone numbers available to new subscribers in the US. Here is what they have to say about it:
“We sampled 259 phone numbers available to new subscribers at two major carriers, and found that 171 of them were tied to existing accounts at popular websites, potentially allowing those accounts to be hijacked. Additionally, a majority of available numbers led to hits on people search services, which provide personally identifiable information on previous owners. Furthermore, a significant fraction (100 of 259) of the numbers were linked to leaked login credentials on the web, which could enable account hijackings that defeat SMS-based multi-factor authentication.”
Your old phone number, if it gets into the wrong hands, could serve that person with your information, which could then be misused. Also, the study found that the new owners of an old number continued to get personalised updates meant for the former owner, with details like “blood test results”, “spa appointment reservations”, etc.
The researchers add that when changing to a new phone number, customers usually forget to immediately update all of their online accounts. Since the old numbers were tied to two-factor authentication, this opens a window for someone to log into your social media accounts, access your email and control other personal online accounts. The researchers said that your personal information could be easily collected from online “people search sites” like BeenVerified or Intelius, and used to augment the account takeovers. So, it’s recommended to update or shut down all your online accounts tied to the phone number you are about to change for a new one.

Leave a Reply