New FCC rule could create risks for crypto users

The Federal Communications Commission is considering a new rule that would require phone companies to collect and store personal details from customers. These details include names, addresses, government IDs, and backup phone numbers. The proposal is meant to fight illegal robocalls, but it could unintentionally make phone accounts more dangerous for cryptocurrency users. Phone numbers are already a weak point in crypto security. They’re used for account recovery, two-factor verification, and logging into exchanges. If attackers take over a phone number—through something like a SIM swap—they can reset passwords and drain crypto wallets. A 2025 court case showed how this works: attackers stole over $5 million in Bitcoin by hijacking phone accounts. Even government agencies aren’t safe. In 2024, someone hijacked the SEC’s X account by swapping a phone number, showing how one weak link can lead to big problems.

The FCC’s rule would give phone companies even more data to protect. They’d keep records for four years after a customer leaves. That treasure trove of personal info—names, addresses, IDs—could make phone accounts a prime target for hackers. A single breach could expose lists of phone numbers tied to real identities, making attacks like SIM swapping easier and more damaging. Some experts warn this creates a dangerous trade-off. The more data companies store, the more valuable phone accounts become. For crypto users worried about theft or physical attacks, the risk grows. Others argue the rule might not need to apply to everyone. Limiting the data collection to big business customers could still fight robocalls while leaving regular users with less risk. The final decision matters. Will the FCC protect users from spam calls at the cost of crypto security? Or will it find a middle ground that balances both concerns? The answer could shape how safe—or unsafe—phone-based accounts are for years to come.

Actions