A few hours ago a massive data sale of about 2.5 million users was announced . mobile , a virtual telephone operator managed by Vodafone. Among the information taken by storm there are not only the personal data of the users but also information related to the details of the sim. In the first hours, the company did not confirm or deny the news about a cyber attack that justified this loss and consecutive sale of data. There is a recent report that the problem is not due to cyber attacks. Despite this, an investigation will soon be launched which will allow ho. mobile to know the extent of the damage.
" With reference to some indiscretions published by the press, ho.mobile has no evidence of massive access to its IT systems that have jeopardized the customer base data "
This is the official statement released by ho. mobile.
Consequences of the sale of data
The event that happened today should not be underestimated as the sale of data and information related to the sim can lead to effects that are not considered. In fact, among the stolen information there is also the telephone number of the users and the ICCID serial number of the sims which, if used improperly, could be used for portability to other operators. Unfortunate customers may therefore no longer be able to recover their number. Furthermore, it must be borne in mind that many sites and services use two-phase authentication linked to the sending of sms. Imagine how many bank transactions or passwords could be lost this way.
What can the user do if a theft of this kind occurs? Unfortunately nothing, since the guarantors of privacy in this case are the telephone companies that hold all this information in their database. We therefore hope that none of this has happened even if we will have to wait for the outcome of the investigation.
But how did we find out about this event?
Bank Security's Twitter announcement
On the Twitter profile of Bank Security, a computer security site considered particularly reliable, the news appeared that the data of millions of users would be sold on the dark web. The data shown in the screenshots have been blanked but show a rich list of information.
It will be necessary to verify the veracity of this information offered for sale, certainly this event does not bring much good to the visibility of the company. Furthermore, if this data sale were to be confirmed, I may necessarily have to replace the sims for all its customers in order to better protect the privacy of users.
More examples of data sales
Today's is just one of the latest examples of events of this sense. A few months ago another virtual operator, Lycamobile was the victim of a cyber attack. In that case, the sale of data was essentially linked to identity documents and personal data of users.
Or to return to recent news, the SNAI site in recent days has been the victim of a cyber attack. In the latter case, the company itself confirmed the attack. Fortunately, the attack against SNAI only led to slowdowns on the betting agency's website and not to users' gaming accounts.
On the dark web there are several announcements regarding the sale of user data, from information on medical records to those of PayPal accounts. It is a very profitable black market, just think that some of this information can cost hundreds of euros.
It seems that the cybersecurity officers have a lot of work in recent days. Between server malfunctions and outsiders accessing databases it will take a lot of skill to foil all possible attacks.
The article In the dark web selling data of 2.5 million users I have. mobile comes from Tech CuE .