SIM Swap Disaster: 5 Business Lessons from AJ Styles' X Hack

Sometimes, even when you take all the right precautions, sophisticated hackers find ways to break through your online defenses. Just ask WWE superstar AJ Styles, whose X account was recently compromised despite his security measures. This incident reveals an often-overlooked vulnerability: your phone number itself.

In this post, we'll examine what happened to AJ Styles, explain SIM swapping attacks, break down how these attacks work, and share five essential strategies to protect your business accounts.

The AJ Styles X Hack: What Happened?

‍

‍

On May 4, 2025, professional wrestler AJ Styles discovered his X account had been hacked and his phone number had been disabled. When AJ discovered this, he used his wife's phone to check his accounts and noticed the unusual activity. The situation quickly became clear - not only was his social media compromised, but his SIM card had been stolen too.

Styles directly blamed his mobile carrier, AT&T, claiming someone at the company had allowed the unauthorized SIM transfer to happen. The hacker used Styles' account to post cryptocurrency scams, a common tactic in these attacks.

This is the exact same story we hear all the time. For example, just last month alone we’ve already seen Samsung, Mr. Beast, and the UEFA Champions League being hacked. However, what’s different is that this time, it involved a SIM card.

Based on the details Styles shared, this appears to be a classic SIM swap scam - an attack that bypasses traditional security measures by targeting your phone number directly.

What Is SIM Swapping? The Hidden Threat to Your Accounts

SIM swapping, also known as SIM hijacking or SIM jacking, happens when cybercriminals trick your mobile carrier into transferring your phone number to a SIM card they control. This attack gives hackers control of your digital identity linked to that phone number.

The technique exploits how mobile carriers verify customer identity and the widespread use of phone numbers for account verification. By manipulating carrier staff through social engineering, attackers gain control of your phone number - and with it, access to SMS verification codes for your accounts.

This creates a massive security problem because most social media platforms rely on the integrity of your phone number for account recovery and two-factor authentication. When attackers control your number, they can intercept verification codes and reset your passwords without much trouble.

‍

‍

According to Surfshark, while the odds of experiencing a SIM swap attack are relatively low (1 in 251), these attacks have reached record numbers with approximately 2,000 yearly victims in 2022 - about 6 people daily. The FBI investigated 1,075 SIM-swapping attacks in 2023, resulting in nearly $50 million in losses.

Executives and high-profile individuals face increasing risk from these targeted attacks, as cybercriminals focus more on those with significant financial assets or access to sensitive information. However, there is some good news: financial losses from SIM swapping have decreased by about 49% since 2022, from $199,000 to $133,700 per day.

How Does SIM Swapping Work?

SIM swapping attacks may vary slightly depending on the attacker, but they typically follow these five steps:

Step #1: Information Gathering

Attackers start by collecting personal details about their target through various methods:

Phishing emails or messages trick victims into revealing sensitive information like passwords, birth dates, addresses, or security question answers. Social engineering involves contacting you or your carrier while pretending to be you to extract information, often claiming a lost or damaged phone.

Hackers also mine data breaches for personal information and scour social media profiles for details that could help answer security questions. This preliminary research helps them impersonate you convincingly in the next phase.

Step #2: Contacting Your Mobile Carrier

After gathering enough personal information, attackers contact your mobile provider posing as you. They claim they need to activate a new SIM card due to loss, damage, or an upgrade.

Using the personal details they've gathered, hackers answer security verification questions correctly, building credibility with customer service representatives. Mobile carriers typically rely on knowledge-based authentication, which becomes ineffective when attackers already possess your personal information.

Step #3: SIM Transfer

If the attacker successfully convinces the carrier, the company transfers your phone number to the new SIM card in their possession. This action immediately deactivates your original SIM card.

Once the transfer completes, you lose all cellular service – no calls, texts, or mobile data. This sudden service disruption is often the first sign your number has been hijacked, but by then, attackers already have control.

Step #4: Account Takeover

With control of your phone number, attackers can intercept any SMS-based verification codes sent to your number. This allows them to reset passwords for your online accounts using the "forgot password" option.

They can bypass two-factor authentication that relies on SMS verification and access email, social media, banking, and cryptocurrency accounts. Within minutes, attackers can lock you out of your own accounts by changing recovery methods and security settings.

Step #5: Exploiting Access

Once inside your accounts, hackers can change passwords, security questions, and recovery methods to maintain control. They might post fraudulent content, access private messages, or impersonate you to your followers.

For businesses, this stage can be particularly damaging as attackers might steal sensitive information, damage your brand reputation, or use your platform to scam your audience – exactly what happened in the AJ Styles case with cryptocurrency scams.

How To Protect Your Organization From X Hacks

Protecting your business from SIM swapping attacks requires multiple security layers. That said, while no single measure provides complete protection, combining these strategies creates robust defenses against sophisticated attacks.

1) Create A Social Media Policy

‍

‍

A social media policy forms a crucial part of your security strategy. Since hackers begin attacks by gathering personal information from social profiles, your policy should limit what employees share online.

Your policy should outline what information employees can share publicly, who has access to company accounts, and security protocols for managing social media. Clear guidelines help prevent information leaks that could facilitate social engineering attacks.

This document should include password management requirements, two-factor authentication protocols, and instructions for handling suspicious messages or potential security breaches. Regular policy reviews ensure your defenses stay updated against evolving threats.

2) Create A Crisis Management Plan

A crisis management plan provides a framework for responding effectively when security incidents occur. This proactive approach helps minimize damage and recovery time if your accounts are compromised.

Your plan should include step-by-step procedures for identifying, containing, and recovering from security breaches. Define clear roles and responsibilities so team members know exactly what to do during a crisis.

Include communication templates for notifying stakeholders and customers about security incidents. The plan should also outline backup measures for maintaining communication if primary social channels become inaccessible.

3) Train Your Team To Recognize Attacks

Equip your team with knowledge to identify potential security threats before they escalate into full-blown attacks. Regular training helps staff recognize phishing attempts, social engineering tactics, and other warning signs.

Conduct workshops that include simulated phishing attempts and security breach scenarios. These practical exercises build muscle memory for proper security responses.

Technical training should cover secure password practices, proper use of authentication apps, and procedures for reporting suspicious activities. Make security awareness part of your company culture, not just an annual training requirement.

4) Create A Rapid Response Team (RRT)

A Rapid Response Team provides immediate attention to security threats when minutes matter. This specialized team can quickly detect, analyze, and respond to potential breaches before significant damage occurs.

Your RRT should include members with diverse skills – IT security specialists, communications experts, and legal advisors. Establish clear roles and communication protocols so the team can function efficiently during high-pressure situations.

The team should track key performance indicators that might signal security problems and identify early warning signs of potential issues. Regular drills help ensure team members can execute their responsibilities effectively during actual incidents.

5) Use A Social Media Security Tool To Protect Your Accounts

Social media security tools provide specialized protection against threats targeting your online presence. These solutions monitor your accounts for suspicious activities that might indicate compromise.

These tools range from password managers and authentication apps to comprehensive platforms that monitor for threats across multiple channels. They help maintain privacy, control your online presence, and safeguard valuable digital assets.

‍

‍

One clear example of these tools is Spikerz. Spikerz constantly monitors your social media accounts for unauthorized access attempts, suspicious messages, and unusual activity patterns. When it detects a potential SIM swap attack, it takes immediate action – kicking out intruders, automatically changing your password, and alerting you to the threat.

The platform identifies and blocks malicious content, phishing attempts, and spam while providing continuous protection against account takeovers. By implementing these advanced security measures, you create multiple barriers that make successful attacks significantly more difficult.

Is Your Business Prepared For Sophisticated Attacks Like SIM Swapping?

If you're not using a specialized security tool to protect your social media accounts, you're leaving your digital front door unlocked. Don't wait until after a breach to take security seriously. Protect your brand, audience, and reputation with Spikerz before hackers strike.

Conclusion

AJ Styles’ X hack shows us that even security-conscious people remain vulnerable to sophisticated attacks like SIM swapping. These attacks bypass traditional security measures by exploiting the weakest link in the authentication chain – your phone number.

However, if you implement a comprehensive security strategy that includes clear social media policies, crisis management plans, team training, rapid response capabilities, and specialized security tools, you’ll build multiple defensive layers around your business accounts. This approach doesn't just protect against today's threats – it creates a security foundation that adapts to evolving attack methods.

Your social media accounts are valuable business assets that deserve professional-grade protection. Take action now to implement these security measures before your accounts become the next cautionary tale in the growing list of high-profile social media breaches.