English

English

Home » Largest mobile SMS routing company reveals five-year breach

Largest mobile SMS routing company reveals five-year breach

SMS routing company Syniverse reveals five-year breach

Synverse, a service provider for most carriers, has revealed that hackers have gained access to its databases for the past five years and compromised login credentials belonging to hundreds of customers.

Describing itself as “the most connected company in the world”, Syniverse provides text messaging routing services to more than 300 mobile operators, including Vodafone, AT&T, T-Mobile, Verizon, America Movil, Telefonica and China Mobile.

Synverse is so big that it boasts of having “almost every mobile communications provider, the world’s biggest banks, the world’s biggest technology companies” as its customers.

Violation followed until May 2016

In a Sept. 27 filing with the U.S. Securities and Exchange Commission (SEC) spotted by Motherboard reporter Lorenzo Franceschi-Bicchierai, Syniverse revealed that an unauthorized party had repeatedly accessed the databases of its network.

When the company became aware of the intrusions in May 2021, an internal investigation began to determine the extent of the hack.

“The results of the investigation revealed that the unauthorized access began in May 2016,” the company reveals in the SEC filing.

For five years, hackers maintained access to Syniverse’s internal databases and compromised electronic data transfer environment (EDT) connection data belonging to approximately 235 customers.

“All EDT customers have been notified and their credentials have been reset or disabled, even though their credentials have not been affected by the incident. All customers whose credentials have been assigned have been informed of this circumstance ”- Synverse

Huge node for mobile communications

The company notes that its investigation revealed no intention to disrupt operations or monetize the intrusion.

Even though the investigation found no evidence, the company does not rule out the possibility of data exfiltration, which could impact its business, employees, customers, suppliers and vendors, and could also lead to a future cyberattack.

From its role as an intermediary between mobile operators, it is easy to deduce the type of data that hackers could access by breaking Syniverse: at least details about the source, destination, timestamps, general location and possibly the content of text messages.

According to the company, its infrastructure processes more than 740 billion messages each year, enabling interconnectivity between mobile network operators and giving them “unparalleled visibility into all messages arriving on your network.”

Syniverse describes itself as “the most connected company in the world” with a “secure global network [that] reaches almost every person and device on Earth.

Given the role Syniverse plays in mobile communications around the world and the wealth of sensitive information it must protect, the details of the breach and the intruder’s objective are likely to be subject to scrutiny. further scrutiny by regulators at the national level.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Stay on Top - Get the daily news in your inbox

Trending this Week