Syniverse Telecom Company Admits Hackers Accessed its Systems Since 2016
Table of Contents
- By Dawna M. Roberts
- Published: Oct 28, 2021
- Last Updated: Mar 18, 2022
A huge telecom provider working with AT&T, T-Mobile, Verizon, and others admits it was the victim of a data breach lasting five years affecting 200+ of its clients and millions of cell phone owners.
What Happened?
Syniverse, a global communications company, provides text message routing services to hundreds of wireless companies. Some of its clients are T-Mobile, AT&T, Vodafone, Telefonica, China Mobile, and Verizon. It also services many corporations in the financial industry.
The company filed a data breach notification with the U.S. Security and Exchange Commission (SEC) on September 27, revealing that it had been the victim of a five-year-long data breach affecting 235 of its high-profile clients and potentially millions of end-users.
Syniverse said in its report that an “individual or organization gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its Electronic Data Transfer (EDT) environment was compromised for approximately 235 of its customers.”
“All EDT customers have been notified and have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. All customers whose credentials were impacted have been notified of that circumstance” the company added.
“While Syniverse believes it has identified and adequately remediated the vulnerabilities that led to the incidents described above, there can be no guarantee that Syniverse will not uncover evidence of exfiltration or misuse of its data or IT systems from the May 2021 Incident, or that it will not experience a future cyber-attack leading to such consequences.”
An anonymous employee of Syniverse told Motherboard that the records accessed by hackers had all types of information on them, including the details of private text messages. Experts theorize that the information accessed could have included the length of calls, cost, sender and receivers’ phone numbers, and the locations of each party on the call.
According to the unnamed source, “Syniverse is a common exchange hub for carriers around the world passing billing info back and forth to each other. So, it inevitably carries sensitive info like call records, data usage records, text messages, etc. […] The thing is—I don’t know exactly what was being exchanged in that environment. One would have to imagine though it easily could be customer records and [personal identifying information] given that Syniverse exchanges call records and other billing details between carriers.”
The company mentioned in its SEC filing that they discovered the breach in May 2021 but found it dated back to May 2016.
Who is Syniverse?
According to Vice.com “Syniverse provides backbone services to wireless carriers like AT&T, Verizon, T-Mobile, and several others around the world. The company processes more than 740 billion text messages every year and has “direct connections” to more than 300 mobile operators around the world, according to its official website. Ninety-five of the top 100 mobile carriers in the world, including the big three U.S. ones, and major international ones such as Telefonica, and America Movil, are Syniverse customers, according to the filing.”
Syniverse is a big player in the text-message game. In February 2019, on Valentine’s Day, due to some routine maintenance, the company lost tens of thousands of text messages on while in transit. The messages that were lost on route showed up months later. The company boasts of routing more than 740 billion text messages every year for 300+ mobile carriers.
The information came to light only because of a possible merger forcing Syniverse to file a report with the SEC. Threat experts suspect a nation-state intelligence group behind the raid.