Syniverse, a text message routing company, just disclosed it had been hacked for years

|
,

Syniverse, you probably have never heard of this company in your life, but they are likely a big part of yours. Syniverse is a company responsible for delivering billions of text messages from one user to another, and it’s used by the likes of AT&T, Verizon, and T-Mobile.

Estimated reading time: 3 minutes

Syniverse has just disclosed that hackers have had unauthorized access to its systems for years, which means millions of users are affected by this. It’s important to note that it’s not only users in the United States that were impacted but also Vodafone and China Mobile users. More than 200 Syniverse clients are on the list of affected companies, which means those companies’ clients are affected as well.

The company, Syniverse, revealed in a filing dated September 27 with the U.S. Security and Exchange Commission that an unknown “individual or organization gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its Electronic Data Transfer (EDT) environment was compromised for approximately 235 of its customers.”

A former Syniverse employee who worked on the EDT systems told Motherboard that those systems have information on all types of call records.

Syniverse repeatedly declined to answer specific questions from Motherboard about the scale of the breach and what specific data was affected, but according to a person who works at a telephone carrier, whoever hacked Syniverse could have had access to metadata such as length and cost, caller and receiver’s numbers, the location of the parties in the call, as well as the content of SMS text messages.

“Syniverse is a common exchange hub for carriers around the world passing billing info back and forth to each other,” the source, who asked to remain anonymous as they were not authorized to talk to the press, told Motherboard. “So it inevitably carries sensitive info like call records, data usage records, text messages, etc. […] The thing is—I don’t know exactly what was being exchanged in that environment. One would have to imagine though it easily could be customer records and [personal identifying information] given that Syniverse exchanges call records and other billing details between carriers.”

To give perspective as to Syniverse’s importance, due to a maintenance update in 2019, Syniverse lost tens of thousands of text messages on Valentine’s Day, which meant that the text messages were lost in transit and only delivered months later. Syniverse routes text messages between different carriers both in the U.S. and abroad, allowing people who are on Verizon’s network to communicate with customers who use another carrier. It also manages routing and international roaming between networks, using the notoriously insecure SS7 and Diameter protocols, according to the company’s site.

Motherboard

What do you think of this disclosure by Syniverse? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network.

Syniverse
Previous

Facebook outage: The morning after

New Razer Book and Razer Blade 15 Advanced laptops ship with Windows 11

Next

Latest Articles

Share via
Copy link
Powered by Social Snap