I had a phone number hijacked a few years ago, and it took a lot of perseverance to retake control of the number. The phone company (AT&T) didn't know how to handle it. What they did understand is how to close an account. So one of the times I regained control (only to be sure I'd lose it again, soon) I quickly got them to delete the account. That did it.
Ever since that happened and I see a system for 2FA that is based on a phone number, I think it's just security theater, they must know there's nothing secure about it.
I had a phone number hijacked a few years ago, and it took a lot of perseverance to retake control of the number. The phone company (AT&T) didn't know how to handle it. What they did understand is how to close an account. So one of the times I regained control (only to be sure I'd lose it again, soon) I quickly got them to delete the account. That did it.
Ever since that happened and I see a system for 2FA that is based on a phone number, I think it's just security theater, they must know there's nothing secure about it.