Hacked on my other services by someone who hacked by T-mobile account and then used DIGITS to get my texts for authorization( Stop this)

thehbk@gmail.com

    as above

     

    Digits was introduced without my knowledge, and basically used by someone to hack my t-mobile account and then use this account to hack into all my other services, as Digits lets you recieve your text messages which are literally one of the biggest security hack right now.

     

    please remove this from my device and give customers to have the option to NEVER have Digits.. ( i can see it can be useful unless this s

      All replies

      • debjitjdv

        Hi thehbk,

         

        Sorry to hear this. Would you mind explaining this a more? Yes DIGITS is a full pledged talk and text service and that's how it is meant to be. A complete second line without the need for a SIM card. There are several things that I do not understand:

         

        1. Unless someone knows your T-Mo credentials, how can they get access to your account and assign DIGITS to themselves?

        2. The moment someone assigns themselves to your number via DIGITS portal, T-Mo sends you a text and an email to your T-Mo ID to let you know that an assignment has been made and if it is not legitimate, then warns you to remove them immediately.

        3. No shortcode texts are allowed in DIGITS number (both in Virtual i.e. DIGITS T&T and Duplicate number i.e. DATA with PAIRED DIGITS). Usually, to authorize yourself for different services like banking etc, you will receive the one time code as a shortcode text which will only arrive in your sim number.

         

        There are few steps you can take to ensure your account's safety. T-Mo has enabled 2-Step Authentication to login to your account for long now. You need to enable now so that even if someone gets their hand on your T-Mo credentials, without the 2FA code, they won't be able to login to your account. You should keep an eye on the texts/emails sent by T-Mo for possible frauds and compromise. Enabling 2FA in your other services like banking etc is a good idea and is a standard practice nowadays,

         

        Nevertheless, your input is very valuable. If you have a few mins to explain the scenario and your possible take on how the "hacking" might have happened, our wonderful admins can pass those as potential guidelines to the security team to put necessary safeguards in place to avoid these sort of scenarios.

         

        Again I am sorry to hear this. Looking forward to hearing from you soon and please tag me as debjitjdv