A text message routing company suffered a five-year-long breach. Syniverse is a telecom company that handles carriers like Verizon, AT& T, and T-Mobile in routing messages between each other and many other carriers abroad. The company however disclosed that it was the subject of a five-year-long hack last week.
A Text Message Routing Company Suffered a Five-Year-Long Breach
The name may sound familiar to you as the same company was responsible for the disappearance of Valentine’s Day messages back in 2019. In a Securities and Exchange Commission filing published last week by Syniverse, the hack was brought to light. The company Syniverse in a statement said that in May 2021 “it became aware of unauthorized access to its operational and information technology systems by an unknown individual or organization.”
The company after discovering the hack notified law enforcement immediately and also conducted an internal investigation that resulted in the discovery that the breach or hack rather first started in May 2016.
When Did the Hack Start?
The hack dated back as far as 2016. The filing reads “the hackers gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its electronic data transfer (EDT) environment was compromised for approximately 235 of its customers.” And this could include access to not just call records but also metadata like phone numbers, locations, and content of text messages according to a report on Motherboards sources.
What Syniverse and Other Customers Had To Say Regarding the Breach
According to Syniverses’ SEC filing, the company notified anyone that was caught up in the hack and also reset credentials were appropriate. The filing also states that “Syniverse did not observe any evidence of intent to disrupt its operations or those of its customers and there was no attempt to monetize the unauthorized activity.”
In a request for comment by various tech blogs, AT & T, Verizon and Syniverse did not respond. However, T-Mobile did tell Ars Tecnica that it was aware of the security incident with Syniverse. They also added that there is no indication however that any personal information call record details or text message content of T-Mobile customers were impacted.
When Was the Breach Revealed?
Although the company just revealed about the hack on its systems dating back 5 years now, the breach was revealed just as the company is about to go public via a merger with a special purpose acquisition company (SPAC). However, the company seems like a target in the first place due to its size. The company spent the better part of the last decade becoming a quasi-gatekeeper or multiple US carriers via acquisitions. When it comes to businesses like Syniverse, size matters, but it even matters more when something with the company goes wrong.