Sorry for the long post to follow.
Here is what happened to me recently. On Sunday 1/19/2020 around 2:30pm, I noticed that I lost T-Mobile network connection. Everybody around me, including those with T-Mobile network were fine, with 4-5 signal bars. I assumed it was a phone/setting issue, rebooted the phone, reset the network setting, but nothing. Removing the SIM and re-entering did nothing either. I decided to turn off my phone for a little bit then an hour later, when I turned it on, I still had the same issue, WIFI was working though. I decided to try my friend’s SIM to see if it was a phone issue or SIM and network connection came back so it was a SIM issue. I decided to call TMobile with my friend’s phone that evening and they were able to reactivate my phone. I asked them what happened and they said that they were not sure, most likely a glitch.
Fast forward to Tuesday morning 1/21/2020 at 4am (I wake up early), I checked my bank account and see that there was a unauthorized transfer from my bank to my coinbase (a site where you trade cryptocurrency). I immediately tried to logon to coinbase but my logon and pw were not working. I set up a 2steps verification for coinbase where you also need to receive a text to your phone and enter the code before you can successfully login to the site.
It was at that point that I realized what happened. Someone had taken over my SIM that Sunday so that they could receive the text verification. After I called my bank to dispute the charge, after I called coinbase to lock my account, I started to do some research online which confirmed that the SIM hacking was a real thing but they said that someone would have to call the phone company and impersonate me, and know my 6 digit password in order to make any change to the account. I immediately called Tmobile to find out if that was the case. The rep told me that she only saw my calls requesting to reactivate my phone and that no one else called. She then said that there was only a “Follow-up” showing on my account that day. I asked what a “Follow-up” was and she said it was when the customer opens a case and that a rep goes back into the account later to follow-up. It was at that point that she realized that the rep switch my SIM to another device. She immediately raised the issue of fraud, asked me to hold then went to talk to a supervisor. She came back saying that a fraud case has been opened and that they will investigate. As for me, I had nothing to worry about and that they added some extra protection on my account so that it never happens again. But that that was it and I would have to deal with the banks to get my money back.
I spend the rest of the day checking my credit, changing all my passwords, adding a red flag to my 3 credit reports, then this morning, found out that another $2500 has been transferred out of one of my account. The banks were fine to deal with and said they will dispute the charges but I have to wait for the inquiry and a determination will be made after. On the other hand, the crypto website coinbase, told me that I was on my own and that they only insured the lost money if their entire site was hacked and said that I should have protected my account better.
I called TMobile right after to inquire if they had a fraud team or legal team I could talk to but the only thing I received was the following address: Tmobile wireless legal department
12920 South East 38th street
Bellevue Washington 98006
It has been a nightmare for the last 2 days, the level of stress is out of control and all I get from T-Mobile is a sorry but that’s all we can do.
So the question is, isn’t T-Mobile responsible for this given that it was an employee who did this?
Note: I am assuming only an employee would have access to their system unless their whole system got hacked and that would be a bigger issue…
I only know it was someone with access to the Tmobile system because the rep on the phone told me.
But even if it was someone impersonating me without my 6 digit code (unique password that I use for TMobile by the way, not written down anywhere and that nobody knows), how would they be able to request to move my SIM info to a new device without a misstep from someone given that they don’t have the password to the account?
Sorry for the long post. Hopefully someone from Tmobile will read this and can provide me assistance.
Note: If your phone suddenly loses cellular network and everybody around you on the same network are fine, remember to call your cell phone provided immediately to avoid what happened to me.
Best answer by tmo_amanda
Gosh, that's a nightmare of a situation especially considering you may not be able to get those funds back from coinbase. I know that with every day passing you need more answers. Unfortunately, this is a situation that only our fraud team can handle. I hate to repeat the same info you've been given multiple times, but we have to allow the fraud department to research what exactly happened which will determine the outcome.