O2-Telefonica in Germany has confirmed to Süddeutsche Zeitung that some of its customers have had their bank accounts drained using a two-stage attack that exploits SS7.
In other words, thieves exploited SS7 to intercept two-factor authentication codes sent to online banking customers, allowing them to empty their accounts. The thefts occurred over the past few months, according to multiple sources.
SMS (aka text message) is not a secure means of communication, and that isn’t anything new either. Keep that in mind when you send details, and use two-factor authentication that doesn’t rely on other means of verification too.