Hackers hacked a company that is engaged in routing SMS operators in the United States

Hackers have broken into the Syniverse network, which provides SMS routing services to most of the major telecom operators in the United States. Hack took place even five years ago and attackers had access to her databases, compromising the credentials of hundreds of customers.

Syniverse provides text messaging and routing services to over 300 mobile operators, including giants such as Vodafone, AT&T, T-Mobile, Verizon, America Movil, Telefonica, and China Mobile.

The company is so big that it boasts on its official website that its clients are “almost all mobile operators, the world’s largest banks, the world’s largest technology companies.”

According to official statistics, the Syniverse infrastructure processes more than 740 billion messages annually, providing communication between mobile network operators.

Documents sold by the company to the US Securities and Exchange Commission indicate that an unauthorized third party entered the Syniverse network and repeatedly accessed the company’s databases. The leak was discovered in May 2021, and then an investigation was launched, which revealed that hackers had infiltrated the Syniverse network back in 2016.

For five years, hackers retained access to Syniverse’s internal databases and compromised Electronic Data Transfer (EDT) login credentials of approximately 235 customers.

At the same time, the company notes that the investigation did not reveal any attempts to disrupt its work or profit from hacking. Unfortunately, the company does not rule out the possibility of data theft, which could affect its business, employees, customers, suppliers and sellers, and may also be used for cyberattacks in the future.

Considering the role of Syniverse in the work of mobile operators, it is easy to understand what data hackers could access, this is data about the sources of messages, their destination, time stamps, location, and possibly even the content of the SMS itself.

The company does not disclose any data other than those presented in the report to the authorities, citing an ongoing investigation.

The Vice Motherboard quotes an anonymous person working for a telecom operator. The source said that Syniverse attackers could have access to metadata, including the length and cost of messages, information about subscribers and their numbers, location, as well as the content of text messages.

Let me remind you that we also talked about the 6,000 Coinbase User Accounts Hacked Due to Multi-Factor Authentication Bug.