Every time that there is a leak like this it’s infinitely aggravating how the spin department tries to downplay what happened. If you are using SMS based MFA you probably want to stop doing that now.

  • punkcoder@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    3
    ·
    1 year ago

    Yup and that’s the infuriating part. It’s not helpful or useful, it 100% a cya.

    • WxFisch@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      The reality is they may not know exactly what was obtained, but they do know it wasn’t anything they don’t collect (like DOB, SSN, etc listed in the message). Instead of looking at this purely as a CYA message, instead looking at it as informing you as soon as they had any idea your information may have been impacted instead of waiting weeks/months to inform you. Don’t let perfect be the enemy of good.

      • punkcoder@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        With the IMEI and SIM card information they now have the details needed to take over MFA. I share my birthdate with people that I casually know, I try not to do that with MFA codes. Credit card details would be bad, but at this point with the number of people who have leaked it, I would be 100% surprised if you couldn’t find our CC data via a google search.

        • StarDreamer@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Setup TOTP NOW. Mint added proper TOTP authentication as MFA a while back that should block sms based MFA. Might be a good way to prevent sim swapping attacks.