Hackers hacked a company that is engaged in routing SMS operators in the United States

Hackers have broken into the Syniverse network, which provides SMS routing services to most of the major telecom operators in the United States. Hack took place even five years ago and attackers had access to her databases, compromising the credentials of hundreds of customers.

Syniverse provides text messaging and routing services to over 300 mobile operators, including giants such as Vodafone, AT&T, T-Mobile, Verizon, America Movil, Telefonica, and China Mobile.

The company is so big that it boasts on its official website that its clients are “almost all mobile operators, the world’s largest banks, the world’s largest technology companies.”

According to official statistics, the Syniverse infrastructure processes more than 740 billion messages annually, providing communication between mobile network operators.

Documents sold by the company to the US Securities and Exchange Commission indicate that an unauthorized third party entered the Syniverse network and repeatedly accessed the company’s databases. The leak was discovered in May 2021, and then an investigation was launched, which revealed that hackers had infiltrated the Syniverse network back in 2016.

For five years, hackers retained access to Syniverse’s internal databases and compromised Electronic Data Transfer (EDT) login credentials of approximately 235 customers.

All EDT customers were notified of the incident and their credentials were reset or deactivated, even if they were not affected by the incident. All clients whose credentials were affected were notified of this circumstance.assures Syniverse.

At the same time, the company notes that the investigation did not reveal any attempts to disrupt its work or profit from hacking. Unfortunately, the company does not rule out the possibility of data theft, which could affect its business, employees, customers, suppliers and sellers, and may also be used for cyberattacks in the future.

Considering the role of Syniverse in the work of mobile operators, it is easy to understand what data hackers could access, this is data about the sources of messages, their destination, time stamps, location, and possibly even the content of the SMS itself.

The company does not disclose any data other than those presented in the report to the authorities, citing an ongoing investigation.

Given the confidential nature of our customer relationship and pending law enforcement investigations, we are not making further public statements on this matterюsays Syniverse.

The Vice Motherboard quotes an anonymous person working for a telecom operator. The source said that Syniverse attackers could have access to metadata, including the length and cost of messages, information about subscribers and their numbers, location, as well as the content of text messages.

Syniverse is a unified exchange hub for operators around the world, transmitting billing information to each other,” says the source. “So it inevitably contains sensitive information, including call records, data usage records, text messages, and so on […] The question is, I don’t know what exactly they were exchanging in this environment. It’s easy to imagine that it could have been customer records and [personal identification information].

Let me remind you that we also talked about the 6,000 Coinbase User Accounts Hacked Due to Multi-Factor Authentication Bug.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button