SoylentNews

upstart [soylentnews.org] writes:

████ # This file was generated bot-o-matically! Edit at your own risk. ████

Largest mobile SMS routing firm discloses five-year-long breach [bleepingcomputer.com]:

Syniverse, a service provider for most telecommunications companies, disclosed that hackers had access to its databases over the past five years and compromised login credentials belonging to hundreds of customers.

Self-described as “the world’s most connected company,” Syniverse [syniverse.com] provides text messaging routing services to over 300 mobile operators, among them Vodafone, AT&T, T-Mobile, Verizon, America Movil, Telefonica, and China Mobile.

Syniverse is so big that it brags about having as its customers “nearly every mobile communications provider, the largest global banks, the world’s biggest tech companies.”

Breach tracked to May 2016

In a filing on September 27 with the U.S. Securities and Exchange Commission (SEC) spotted by Motherboard [vice.com] journalist Lorenzo Franceschi-Bicchierai, Syniverse disclosed that an unauthorized party accessed on several occasions databases on its network.

When the company became aware of the intrusions in May 2021, an internal investigation began to determine the extent of the hack.

“The results of the investigation revealed that the unauthorized access began in May 2016,” the company reveals in the SEC filing [sec.gov].

For five years, hackers maintained access to Syniverse internal databases and compromised the login data for the Electronic Data Transfer (EDT) environment belonging to about 235 customers.

“All EDT customers have been notified and have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. All customers whose credentials were impacted have been notified of that circumstance” - Syniverse

Huge node for mobile communications

The company notes that its investigation did not reveal intent to disrupt operations or to monetize from the intrusion.

Even if the investigation did not find any evidence, the company does not exclude the possibility of data exfiltration, which could impact its business, employees, customers, suppliers, and vendors, and could also lead to a future cyber attack.

From its role as an intermediary between mobile carriers, it is easy to infer the type of data the hackers could access by breaching Syniverse: at least details about the source, destination, timestamps, general location, and possibly the content of the text messages.

According tot he company, its infrastructure processes more than 740 billion messages every year, enabling interconnectivity between mobile network operators and giving them "unparalleled visibility into all messages hitting your network".

Syniverse describes itself as “the world’s most connected company” with a “secure global network [that] reaches almost every person and device on Earth.”

Given the part Syniverse plays in mobile communication around the world and the trove of sensitive information it needs to protect, the details about the breach and the goal of the intruder are likely to receive more scrutiny from national-level regulatory bodies.

Hackers Had Access to Billions of Texts Through Telecom Company Breach [businessinsider.com]:

• Syniverse, a major telecommunications company, said hackers had been in its system for years.
• The data breach exposed billions of text messages and millions of cell phone users' data.
• Syniverse itself said that almost all mobile carriers rely on its network.

10 Things in Tech: Get the latest tech trends & innovations Email address By clicking ‘Sign up’, you agree to receive marketing emails from Insider as well as other partner offers and accept our Terms of Service [businessinsider.com] and Privacy Policy [businessinsider.com].

Telecommunications giant Syniverse disclosed to the Securities and Exchange Commission last week that hackers had infiltrated its systems, a breach that exposed billions of text messages and millions of cell phone users' data over the past five years.

Syniverse, which counts AT&T, Verizon, and T-mobile as some of its clients, announced in a filing dated September 27 to the SEC that the company's investigation found that unauthorized access to its systems began in May 2016 [sec.gov], although the company didn't discover the breach until May 2021.

"Syniverse has experienced, and may in the future face, hackers, cybercriminals or others gaining unauthorized access to, or otherwise misusing, its systems to misappropriate its proprietary information and technology, interrupt its business, and/or gain unauthorized access to its or its customers' confidential information," the company said in its SEC filing.

The company revealed the security breach as it prepares to go public via a merger with M3-Brigade Acquisition II Corp, a special purpose acquisition company. Syniverse did not immediately respond to Insider's request for comment.

The company said the breach compromised login information for 235 of its clients and that the company contacted its clients who had been affected and had notified law enforcement. In previous press releases, Syniverse has described itself as a company that "fuels mobile communications for nearly every person and device in the world [syniverse.com]."

A former Syniverse employee told Vice that Syniverse systems often carry sensitive information, like text messages and call records, and that the hackers could have accessed this information as well [vice.com].

Syniverse processes 740 billion texts daily [syniverse.com], according to the company website.

"Syniverse systems have direct access to phone call records and text messaging, and indirect access to a large range of Internet accounts protected with SMS 2-factor authentication," Karsten Nohl, a security researcher, told Vice. "Hacking Syniverse will ease access to Google, Microsoft, Facebook, Twitter, Amazon and all kinds of other accounts, all at once."

Read the full story about Syniverse in Vice [vice.com].

Sign up for notifications from Insider! Stay up to date with what you want to know. Subscribe to push notifications

Also at Ars Technica [arstechnica.com]

Original Submission