I’ve “locked” my number and it requires a transfer PIN. I hope Verizon’s systems won’t allow a transfer without that pin even with a malicious employee, however I wouldn’t be surprised if they are able to override it.
Apparently my attacker had a fake ID with my name and their photo. It’s possible a store employee could override the transfer lock if they are sufficiently convinced it’s really me.
I've heard many cases of transfer locks being broken. From what I understand, it is even possible to simjack at a higher level than the individual telco.
Thus, I don't even bother with stuff like this, the only solution in my eyes is to not rely on SMS 2FA and if you absolutely have to, at least use a GV number. While GV isn't totally secure either, at least it is disconnected a tiny bit from my cell number and doesn't have humans backing it (we all know that Google never answers the support phone).
