Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.

Largest Mobile SMS Routing Firm Discloses Five-Year-Long Breach

posted by martyb on Thursday October 07 2021, @11:36AM   Printer-friendly
from the NOW-you-tell-me!? dept.

upstart writes:

Largest mobile SMS routing firm discloses five-year-long breach:

Syniverse, a service provider for most telecommunications companies, disclosed that hackers had access to its databases over the past five years and compromised login credentials belonging to hundreds of customers.

Self-described as “the world’s most connected company,” Syniverse provides text messaging routing services to over 300 mobile operators, among them Vodafone, AT&T, T-Mobile, Verizon, America Movil, Telefonica, and China Mobile.

Syniverse is so big that it brags about having as its customers “nearly every mobile communications provider, the largest global banks, the world’s biggest tech companies.”

[...] In a filing on September 27 with the U.S. Securities and Exchange Commission (SEC) spotted by Motherboard journalist Lorenzo Franceschi-Bicchierai, Syniverse disclosed that an unauthorized party accessed on several occasions databases on its network.

When the company became aware of the intrusions in May 2021, an internal investigation began to determine the extent of the hack.

“The results of the investigation revealed that the unauthorized access began in May 2016,” the company reveals in the SEC filing.

For five years, hackers maintained access to Syniverse internal databases and compromised the login data for the Electronic Data Transfer (EDT) environment belonging to about 235 customers.

“All EDT customers have been notified and have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. All customers whose credentials were impacted have been notified of that circumstance” - Syniverse

Also at Business Insider, Security Week, and Ars Technica

Original Submission

 
This discussion has been archived. No new comments can be posted.
Largest Mobile SMS Routing Firm Discloses Five-Year-Long Breach | Log In/Create an Account | Top | 13 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday October 07 2021, @06:57PM

    by Anonymous Coward on Thursday October 07 2021, @06:57PM (#1185259)

    not even 5 minutes!
    that timeout was added because they know that sms is insecure, but a short time make it harder to be abused, as it have a 1 minute window to abuse it, too short if he isn't the one requesting the sms already

    hell, even GSM is known to be insecure, but operators don't want to fix it because it is expensive, phone builders because require more hardware, no standard, lower battery life and higher cost... government because this way they can listen to any call when needed and end-user usually do not care/know/understand crypto and privacy