SIM swapping attacks have been a problem with mobile carriers for years, which can lead to customers being locked out of their phone service and having their personal data stolen. Thankfully, networks are getting more serious about the problem, including T-Mobile.
The attacks usually involve someone contacting your carrier's customer support, pretending to be you, requesting a new SIM card. If they are successful, they can obtain a new SIM card and activate it on a device they own -- revoking connectivity and the number from the device you own. SIM swap attacks are commonly used in conjunction with SMS-based two-factor authentication and passwords from other data breaches to break into a person's online accounts.
Each mobile network has tried various strategies to combat against SIM swapping, such as better training for customer support representatives and new authentication measures, but it still happens occasionally. T-Mobile is rolling out a new account setting for customers, called SIM protection, which blocks any SIM changes (such as activation on another device) until the block is removed.
The option isn't enabled by default, possibly to avoid disruptions for people that swap SIM cards between devices they own. If you're on T-Mobile, you can find it in the "Privacy and notifications" section of your account settings -- the source link below has more detailed instructions. It can be enabled for all phone lines on an account, or you can flip it on for each line individually.
It's great to see more security options for phone lines, especially as many carriers struggle with implementing features that are common in other types of online accounts, like app-based two-factor authentication. Here's hoping all networks implement a similar feature.
Source: The T-Mo Report