Hacker Foiled AT&T & T-Mobile Employees Without Code!

Login to Continue Learning

In August 2025, Noah Michael Urban, a 20-year-old hacker, was sentenced to 10 years in prison for conducting high-profile SIM swapping attacks on major U.S. carriers such as T-Mobile and AT&T. What makes his case particularly notable is that he was not a coding genius but instead used exceptional social engineering tactics to deceive the carriers into giving him access to customer information.

Noah Urban, a 20-Year-Old Who Outsmarted AT&T and T-Mobile Without Writing a Single Line of Code

A Bloomberg report revealed that Urban began his cybercrime activities at age 15. His journey started by exploring conversations on online communities where SIM swapping discussions were common. He quickly acquired the skills to exploit vulnerabilities, primarily through persuading and manipulating people into bypassing security protocols.

Urban then extended these tactics to trick carrier employees into granting unauthorized access to customers’ phone numbers and other sensitive information. This case is alarming not only because of Urban’s sophisticated attacks but also due to the revelation that technical expertise is not necessary to compromise a company’s system. Instead, human behavior can be a weak link that leads to significant harm.

In a unique start to his ruling against President Donald Trump’s administration on September 30, U.S. District Court Judge William Young included a scanned handwritten note sent to his office. The note read: “Trump has pardons and tanks – what do you have?” At the top of Young’s opinion in AAUP v. Rubio, which ruled that Trump’s effort to deport foreign-born student protesters was unconstitutional.

October 8, 2025

Noah targeted 13 companies, including AT&T, T-Mobile, and Verizon. While he admitted guilt, his lawyer argued that Urban was unaware of the gravity of his actions and was influenced by older co-conspirators. The lawyer also highlighted how even large carriers can fall for teenagers’ tactics, demonstrating that big companies are not immune to such techniques.

The report emphasizes that social engineering has become a major tool for unauthorized access to information, and technical skills are no longer essential to cause harm to any business. There is an increasing number of hacks carried out through manipulation techniques, underscoring the urgent need for companies to reassess their security measures and enhance vigilance regarding digital safety.

While technology continues to evolve, human vulnerabilities remain a significant exploitable method that requires attention if companies are to combat cybercrime and protect data, especially in telecommunications. For instance, AT&T faces new breach allegations as hackers claim access to 24 million accounts, adding to past security failures and ongoing settlements.

The need for improved security measures is clear, particularly for telecommunication service providers where data breaches are on the rise.