Community

@Kathybrooker 

Can you log into your account?

They are porting numbers without permission.  Mine was ported out this morning.  Still waiting to hear back from them.  Followed their instructions on porting back to my SIM card but not working.  Will have to wait 48 hours to hear back from them.  😞

@Kathybrooker 

Moderator support is back to normal you should hear back from them soon. You should call your bank and credit cards and secure your accounts. Talk to your banks fraud department and tell them you are a victim of a fraudulent port. If possible change your passwords and disable 2FA on important accounts including paypal, amazon etc....

Your self serve is dusabled isbit not? Porting out automatically close your account. Where is your phone ?

I just had my number ported over to a new SIM card this morning around 11am without my permission.  Now I have to wait 48 hours to get in contact with them.  So it is happening.

I just had my number ported over to a new SIM card this morning around 11am without my permission.  So it is happening.  So be very careful with Public Mobile.  

So I just did a little test (w/o signing in) asking Public Mobile how to port my #. It's w/ the chat bot and the response I got was it gets sent to the moderator(s).

So what minimum info. do the moderators require (based on PC policy) before allowing a # to be ported?

Finally a real answer. Okay my account on community has private information, like name email and such, also probably has PM mobile number tied to it, so if another one shows up you would expect some reasonable diligence on PM's behalf that something odd is happening?

---

@stonechucker wrote:

---

@geopublic wrote:

---

@stonechucker wrote:

One Set up a password manager, and do not share your credentials, nor reuse passwords at other services.  The likelyhood of your phone number being stolen from you is so minimal, doing what I’ve already said is more than enough to be safe.

 

Publlic Mobile doesn’t even check credit or financial history for starting a service up, why would you even need to prove your identity with government issued iDs?  They have nothing to compare it yo.

 

Protect your personal information,  do not share it with anyone.

 

This thread is nothing but fear mongering.

---

Disagree 100%. Knowledge is power. Just search on stories and testimonials of real people that have been through a SIM jacking and one can make their own determination if it is fear mongering or reality. Don't have to go very far...just search the community forums here.

 

 

---

@geopublic, @IWorkForRogers, from the page linked by the Moderator_Team account, I found this about security.  Take a look at the TELUS Security link.

---

As long as one has your account number or access to an online account all that goes out the window.

Edit: Here is an example. I'm not saying it's not a legitimate request but how does the PM/Moderator verify the account?. OP just signed up for his community account. Has a P# and an email (could be hacked), lost his phone, can't remember any of security questions or PIN and needs to get into his account

---

@geopublic wrote:

---

@stonechucker wrote:

One Set up a password manager, and do not share your credentials, nor reuse passwords at other services.  The likelyhood of your phone number being stolen from you is so minimal, doing what I’ve already said is more than enough to be safe.

 

Publlic Mobile doesn’t even check credit or financial history for starting a service up, why would you even need to prove your identity with government issued iDs?  They have nothing to compare it yo.

 

Protect your personal information,  do not share it with anyone.

 

This thread is nothing but fear mongering.

---

Disagree 100%. Knowledge is power. Just search on stories and testimonials of real people that have been through a SIM jacking and one can make their own determination if it is fear mongering or reality. Don't have to go very far...just search the community forums here.

 

 

---

@geopublic, @IWorkForRogers, from the page linked by the Moderator_Team account, I found this about security.  Take a look at the TELUS Security link.

---

@stonechucker wrote:

One Set up a password manager, and do not share your credentials, nor reuse passwords at other services.  The likelyhood of your phone number being stolen from you is so minimal, doing what I’ve already said is more than enough to be safe.

 

Publlic Mobile doesn’t even check credit or financial history for starting a service up, why would you even need to prove your identity with government issued iDs?  They have nothing to compare it yo.

 

Protect your personal information,  do not share it with anyone.

 

This thread is nothing but fear mongering.

---

Disagree 100%. Knowledge is power. Just search on stories and testimonials of real people that have been through a SIM jacking and one can make their own determination if it is fear mongering or reality. Don't have to go very far...just search the community forums here.

Hey @IWorkForRogers,

Please check our privacy policy by following this link: 

https://www.publicmobile.ca/en/ns/privacy-policy

I`ll be happy to help in case you have other questions.

Have a great day,

Oana 🙂

One Set up a password manager, and do not share your credentials, nor reuse passwords at other services.  The likelyhood of your phone number being stolen from you is so minimal, doing what I’ve already said is more than enough to be safe.

Publlic Mobile doesn’t even check credit or financial history for starting a service up, why would you even need to prove your identity with government issued iDs?  They have nothing to compare it yo.

Protect your personal information,  do not share it with anyone.

This thread is nothing but fear mongering.

---

@IWorkForRogers wrote:

Okay straight answers people... in summary in conclusion....

 

Someone has your health card number, driver's license number, passport number, etc with no control over anything else like email and such. These "bad actors" not only have access to another service provider's functions they could actually work for one, expect for Public Mobile itself! What would they need to steal the number, if PM online account is protected by strong credentials? Someone mentioned all that is needed:

 

Account Number 

Account Pin/Password or

IMEI number of the Device/Phone

 

How would someone get this information if protected, behind strong credentials?

---

@IWorkForRogers  Here's one hypothetical scenario:

The thief signs up with a PM community account and messages the moderators  that their (your) phone was stolen and that they forgot their account password and PIN and don't have access to email anymore for account verification purposes.

In the message to the moderator they include your phone number along with name and since they (you)  have no other way of verifying the account  they can provide H# or Driver's license or passport# for verification purposes....PM can you please reset my account?

For arguments sake let's say they were successful in accessing your account. The first thing they do is change the password and email on the account. The "bad actor" at this point activates another provider's sim and requests to port their (your) number over by providing the necessary info.

Once the port completes (in a couple of hours) your PM account automatically closes your phone shows No Service ......and your nightmare begins.....

---

@popping wrote:

---

@iliketotalk wrote:

@IWorkForRogers  I would certainly hope another provider couldn't arbitrarily port out a number without consent I am sure it would be illegal to do so, why do you think there is an issue?

---

I was suprised that members here, including Oracle, are recommending using only account number, phone number and account name to port number to PM without providing PIN# as I always provide my PIN to port my number.

---

Number Porting only Requires ONE of the 3 things. Not all three. That is how the Porting system is setup.

Account Number or 

Account Pin/Password or

IMEI number of the Device/Phone

That's it.  Only ONE of those 3 things is required.

---

@popping wrote:

---

@iliketotalk wrote:

@IWorkForRogers  I would certainly hope another provider couldn't arbitrarily port out a number without consent I am sure it would be illegal to do so, why do you think there is an issue?

---

I was suprised that members here, including Oracle, are recommending using only account number, phone number and account name to port number to PM without providing PIN# as I always provide my PIN to port my number.

---

This is because using the account number only usually is the best information to use to do a number port.  I'm not speaking from a security standpoint.

Providing the account PIN of the old provider, in most cases, does not help the porting process. It can actually hamper it because there would be more information that could be wrong, and because some people mistakenly use the wrong account PIN.

Providing the old provider's account PIN also does not provide the customer with better security. This is because most times, if you provide the old carrier's account number (without providing PIN), the phone number will be released to the new carrier anyway.  This is the way the number portability rules are set, that only one of account numner, IMEI, or PIN are required.

To improve security when it comes to port out, carriers would need to require more or different information for number porting.  Until carriers change their own internal policies about how port outs are handled or unless the rules change, providing one piece of information or a combination of information over another doesn't change anything when it comes to phone number protection.

---

@iliketotalk wrote:

@IWorkForRogers  I would certainly hope another provider couldn't arbitrarily port out a number without consent I am sure it would be illegal to do so, why do you think there is an issue?

---

I was suprised that members here, including Oracle, are recommending using only account number, phone number and account name to port number to PM without providing PIN# as I always provide my PIN to port my number.

@IWorkForRogers I think the bottom line is if someone really wants to get your number bad enough they probably can it,s the world we live in nowadays all we can do is try and keep our private info secure and not give it out like candy, everyday I see it around here I probably could have ported out 10 or 20 numbers in the last week if I was inclined to 

---

@IWorkForRogers wrote:

So basically your saying there is **bleep**ing security holes everywhere in Canadian Telecom industry for somone stealing your number if they have pass port number, health care number, etc, obtained?

---

@IWorkForRogers  Yes, in many cases they just need to break into your email account. Others can access info from the dark web of hacked sites and that is were the adventure begins. That's why it is important for providers to offer an account lockup feature but I guess it will have to be implemented in the US before Canada does something.

So basically your saying there is **bleep**ing security holes everywhere in Canadian Telecom industry for somone stealing your number if they have pass port number, health care number, etc, obtained?

---

@popping wrote:

After watching CBC Marketplace https://www.youtube.com/watch?v=Ck_r2GYLdCI on how to get in the CBC host account to change the PIN number and add himself as the secondary user to her Rogers account.  Anything can happen.

 

Given PM does not have call center.  The hacker will not have the patient to do the private message delay over 2 - 3 days. lol

---

I disagree, moderators are the weakest link in the PM equation if they are not trained properly and have the power to reset an account because they believe the story.... that I lost my phone, don't have access to my email anymore,forgot to signup for selfserve but purchased a new phone and sim , I'm handicapped....Please help me!!!

Success I'm in...change the account password...download call logs...port out...party time for the thief and a nightmare for the victim!!