IPhone 11 security breach on Xfinity mainframe - unauthorized by customer sim numbers inserted

@XfinityDena​ Thank you for taking the time to respond and I apologize for being slow in responding. Frankly after 30 plus hours on the phone with 12 (yes, I kept track and counted them) Mobile Repair sites around the World, finally ending with a Fraud Dept. Mobile Repair individual, I just burned out. I failed to check back to the Forum. I should also mention everyone tried to be helpful and were extremely supportive, but no one had a solution.
      The root problem appeared to be whoever had inserted a new sim number into the Xfinity Mainframe to pair their device with my iPhone had inserted code the locked my sim on my phone. No one could unlock it. We tried installing a new sim card, but no success - except billing being messed up, but I think the credits processed.
      Final solution was to flatten the phone and reboot it from the iCloud. It took a few hours, but the sim unlocked and all my data came over except my text message history.
      My Son, who is deployed overseas, faired better. Early on he - like I - was able to get back control of our email, text and Xfinity Account. Because of his location he keeps his phone on Airplane Mode. Apparently that kept his sim from being locked. The Fraud Dept Mobile Repair person I was working with was able to call him and confirm his phone function was operating correctly - he did loose $5000 from the act he knows off, but seems to have regained control of his accounts now too as I have.
      The Fraud Dept Mobile Repair site said they would continue to follow up on the issues.. We learned to set up two party verification on accounts and have alerts sent for any bank or credit card transaction. This works most times. Some banks only send alerts for transaction over $100 - the hackers knowing this did $280 in $6 transactions which I got credited back. Some sites allowed passwords to be changed by just sending a code to your phone. The hacker had control of my phone so their device received the code and allowed him to change passwords and then the user id.
      Regardless this event appears over - until the next time. My only question really is, since everyone seems to acknowledge it was the Xfinity Mainframe the Hacker gained access to and inserted the sim control, what has Xfinity done to mitigate that security breach for the future? All of the Xfinity people we have dealt with have been wonderful, yet realizing their mainframe was the root cause of the issue, no one has extended an apology or credit for service lost. Disappointing...

Hi there, @bw012 Thank you so much for the update, I'm very sorry for the inconvenience you and your son went through in regards to the fraud. I also appreciate the update you provided regarding the end results on our fraud department getting you taken care of. I truly do apologize, on this forum we have no way of knowing what the root cause was. I would recommend contacting our Xfinity Mobile team directly in regards to any credit request.-Richard

@XfinityDena​ Please reference my iPhone 11 Hacks in my May 31st notes. The two iPhone 11's were finally, we thought, okay. The flattened and rebooted mine, my Son - overseas in an isolated region - and a repair person resolve his electronically.
    Well 0n June 22nd it happened again. My Son's iPhone 11 was cloned that Saturday. I checked my Xfinity Mobile account. The Hacker this time mistakenly had the two phones listed on it. The one for my phone wasn't activated yet so I could suspend it. My Son's Hacker phone number was listed, but the system wouldn't allow me to suspend.
     After four hours on the phone with Xfinity Mobile Repair people in India, the Philippines , I finally reached a man named Simon in a Central America center.After an hour doing multiple steps, he said he was going to block my phone, contact his Tier 3 - who are on banker hours - and call me back the next day. Since I had had that promise before with no call back - Still no call back and closure from the ECM filed last month - I thought I would hear from him. Surprise he did call. 
     Simon tried a few steps, but my phone still had a sim issue. I did have a new Sim card which had been sent last time (first solution seems Centers send cards, but don't know how to activate them). I installed the card, nothing changed. Simon manually entered the number, we rebooted the network, nothing. We went to Airplane Mode for ten seconds and back which showed some signs of life (WiFi was turned off as instructed). The closest cell tower is line of site one mile away. Simon asked me to go outside and redo the Airplane mode. It worked.
      My Son's issue was harder. Not many cell towers there. He found a Repair Center Tech who appeared able to hack the hacker, then electronically shut that phone off and re=estable the Sim on my Son's. So far it has worked - but since the hacker had been active for two days he has had to cancel all his bank cards, continue fighting to maintain his email security and had a Kripto account drained of several thousand dollars. As of today he still finds repeated attemps being made although the number was diactivated and cancelled.
      Hack issues:
1 - the clone of our phone did NOT show in the Xfinity database - we had the imei numbers because the Hacker left a footprint on my statement
2 - Our iPhones didn't display the clones leaving as no way to cancel - which I was told if I had created the pairing, I would have seen a choice to cancel it.
3 - while I was finally (so far) credited the $50 for the two hacker lines added, only my had been removed from my statement. The number ending in 4500 that hacked my Son is still on display.
4 - No of the Repair Center contacts knew how a sim could be pirated without your mainframe reflecting or and my phones displaying the activity.

5 - Avery limited number (two) knew how to activate a sim number efficiently and electronically.

Note - ALL Xfinity contacts were "Good Soldiers". They are very polite and constantly repeat "we can fix this" (when obviously they could not). 
       So today we went to the Factoria, Washington state store. I thought I would at least upgrade my phone to a iPhone 15. When my Son returns in two months we would do his. We meant with Daniel.
1 - I explained the hack issues and asked if he could purge the hacker's number from my account. He said he had no ability."
2 - He expressed in his 22 years of cell phone experience he had never heard of a sim number case - guess he thought I fabricated it?

3 - I said I hoped to upgrade my iPhone 11 to a 15 and hoped it was more secure. He said no deals were available and my phones probably had a virus. 

4 - I questioned that Xfinity had no store process for a customer who's phones were hacked to provide a promotional discount of any kind. He said "No", be went to get the Manager.
5 - Keep in mind he still hadn't even logged into my account - we are Diamond customers. When the manager came out I reiterated a short version and asked they check my account. They did and acknowledged they could see activity, but no dialogue. 

6 - their finally comments were they had no ability to address my iPhone 11 itself. That was an Apple Problem I needed to address. It couldn't be an Xfinity software gap. I must have a virus on the phone. Their responsibility was only to sell phones etc. . I asked them, "aren't tour paychecks signe by Xfinity just like the repair center techs. Don't you feel any accountability for my iPhone 11's being hacked? Don't you have a process or procedure for escalating my issue - afterall I never even received feedback on the ECM written up the first time" The answer was, "we just sell the product. The is an Apple Store in Bellevue. Is there anything else we can do for you today".

      Short conclusion, I don't need help like that. I can get (mis)treated like that at Verizon or T-mobile - and probable get a discount on a new phone.
      Unfortunately Xfinity internet has a monopoly on good service in the rural areas I am locate.
      Cell Phone service is also stronger with Xfinity, BUT it seems obvious I don't need service like I received today. Xfinity sold me the phone and now appears to take no accountability for the failure to perform - which so far all the Repair SItes (even if they couldn't fix) acknowledged was a hack through the Xfinity System.
       I am writing this more out of frustration then hopes of a solution - other then be brushed off and told to take my problems to someone else.....

@XfinityDena​ As a follow up to the Factoria Stoe's employee, Daniel (with 22 years of cell phone experience), I just got off the phone with an Apple Senior Analyst. He was aware this type of proble existed. It was my phone that was the issue. It was a case of Sim swapping. It would only happen if my data at Xfinity had been leaked. The indecators that neither my phone nor the Xfinity mainframe had any record of the pairing taking place reflects a security problem at the Carrier - i.e. Xfinity.
     He actually was interested in the two IMEI numbers that showed up on my statement and belonged to the hackers.

They are 35-289711-856411-4  and 35-654310-092379-5  iPhone 11 64 GB phones leased through Sprint or T-mobile - probably overseas by now.

The software in my phones are not the issue.

The software at Xfinity IS the apparent issue.

I imagine I will be changing carriers in an attempt to break the leaked information trail - although I acknowledge other carriers could have issues too.

@bw012 We have safeguards in place to prevent any fraud, and you can add more to your account with the info here https://www.xfinity.com/support/articles/protecting-from-fraud. If you are a victim of fraud on your phone or service, use the resources here https://www.xfinity.com/idtheftclaimform to help.