People should take care of their privacy generally. Such problems do actually exist because people are posting personal details voluntarily. Many people think: "Oh that's my phone number only here, nothing else." But they have more than one account somewhere and clever people can put detail by detail together until another one would be able to steal the identity. To take over ones phone number several factors have to come together. Finally each SIM has an unique identifier regardless of phone number that's on it. Serious providers do only send the new SIM to the original home address of the owner of the original SIM card. And the change process does only work when having both SIMs at once. A simple check would be that the change process would only work on the owners phone (same IMEI). Or at least check-out of old SIM and registration of new SIM has to be verified with a second factor. The one that wants to take over the phone number usually has no access to the original SIM. Even if physically available it should be protected by PIN.
If you were right any IMEI of the 'free' phones (phones without provider contract) would be useless. Technically it doesn't matter. Whenever you are logged in the network provider can query the IMEI of the phones that are logged in in his network. Tracking by IMEI by a certain provider is possible unless one changes it. The problem is that there is no cooperation of different cellular network providers. Changing the network (SIM) usually means that tracking by IMEI is lost at first place. There is no logistic. A proper SIM change process is available, though. ATM it works here like that: You make a porting request and mostly have to pay for that service. (Here should be already proper identification of the owner). At some providers it only works by requesting an UPC (Unique Porting Code) first to be sent via SMS to your phone (the original phone number). This is meant to be a second factor for authorization. You have to present that received UPC when making the request in writing. After that you get a confirmation that your phone number is ready to get ported. You chose a new provider saying that you want to keep your old phone number and you present the old phone number, your name and date of birth. The new provider checks if the phone number is really ready to get ported and after verification he sends a new SIM to THE SAME home address he's got from the old provider. By that you get separately a letter with the porting date and porting procedure. Years ago it was a special date where the old SIM stopped working, the porting date. You simply had to insert the new one and it started to work. Today you have to check out the old one within a given period of time first. You determine the exact porting date yourself.
You are right, some providers may not. require authentication with a secure second factor e.g. SMS message and instead just go by personal details. In order to hack, you don’t have to be technical, just sneaky. Some providers have to tighten up on security checks
This story is nonsensical and, as written, doesn't really make any sense: no SIM replacement procedure occurs as depicted, even if someone should get hold of your phone number it would require much more than that to get into your accounts.
Spoiler: RUS LastPass уже продан частному контору, одной из них Управляющая корпорация Эллиотт с 2011 года в составе BOP (Федеральное бюро тюрем). (transfer) LastPass has already been sold to three private offices, one of them Elliott Management Corporation since 2011 as part of the BOP (fedral bureauof Prisons). How true is the information?