INSUBCONTINENT EXCLUSIVE:
The criminals were then able to receive her two-factor authentication messages and access her bank and payment accounts
The bestselling food writer tweeted she was "paranoid about security" and already had strong measures in place
A privacy campaigner said the industry had failed to address "Simjacking".Ms Monroe tweeted she was "white-hot angry" and had been told
although she should get her phone number back soon, the money "will take longer to recover"
"The money stolen has run into thousands of pounds - I'm a self-employed freelancer and I have to absolutely hustle for every single pound I
And someone has just helped themselves to around five thousand of them," she tweeted
Ms Monroe is a best-known for her low-cost recipes and her support for anti-poverty campaigns
In 2017, she successfully sued the right-wing commentator Katie Hopkins for libel
Simjacking, also known as Simswapping, is when criminals port a phone number over to a new Sim card, which they can then use as if it was
They do this by posing as a customer who wishes to move to a different mobile provider but keep their existing phone number.While mobile
phone operators often request personal information to complete the request, this can be data already in the public domain - Ms Monroe's
date of birth, for example, was on Wikipedia
Sometimes individuals working for mobile operators or phone shops can be bribed into making the switch.Often the first clue for the victim
is when their own phone stops working
Increasingly, banks and other services will use a text message to send a code as an extra layer of security to a registered phone number
before allowing access to an account
One critic of the industry's response to the crime is a privacy campaigner who used to work for the GSMA, the trade body that represents
mobile operators.Pat Walshe, now managing director of Privacy Matters, told TheIndianSubcontinent News the scale of the problem in the UK
was currently unknown but there were cases of Simjacking from around the world."The industry has failed to address this problem for a number
"It's not trivial [to carry out a Simjack attack] but someone could do it easily enough."Mr Walshe said victims should report the crime to
their mobile provider, Action Fraud and the Information Commissioner's Office (ICO)."I think Jack Monroe's case should now force the ICO
to investigate whether mobile operators are meeting their obligations to safeguard services and data under telecom privacy rules, in
addition to the [EU data protection law] GDPR," he said
The GSMA has championed an alternative mobile identity authenticator called Mobile Connect
TheIndianSubcontinent News has contacted the ICO, which deals with data protection issues.Jack Monroe has also been contacted.
