Mega breach: 800,000 Swisscom customers’ data stolen via hacked partner

09 Feb 2018

News broke recently of a huge data leak at major Swiss telco provider, Swisscom.

Affecting around 800,000 customers, the leak came when security at an external sales partner was breached, prompting the Swiss group to tighten access to its files.

Swisscom stressed that the leaked data contained only "non-sensitive information" like customers' names, addresses, telephone numbers and dates of birth, with no hyper-sensitive information like passwords or payment data.

High-Tech Bridge CEO Ilia Kolochenko and WinMagic EMEA VP Luke Brown say this "non-sensitive information" is anything but, and while Swisscom may be playing the incident down, the implications of the breach will be far and wide.

"Globally speaking, it's a drop in the multi-billion ocean of data breaches. However, for Switzerland, it is a very important data breach that will likely impact almost every family in the country," Kolochenko says.

"The allegedly stolen data provides cyber criminals with a great wealth of opportunities: from impersonation and password recovery, to various spear phishing and sophisticated fraud campaigns. Switzerland is one of the most wealthy countries and represents a great interest for cyber gangs. This data can be exploitable during the next few years and may cause substantial harm in the long run."

Brown says the breach and Swisscom's claim that the customer data taken is non-sensitive underlines a huge misunderstanding between many companies and their customers.

"Customers share data on the basis that it will be respected and protected – to them all data shared privately is sensitive," Brown says.

"The industry has spent years telling web users how to protect themselves from identity fraud, and now the industry has to eat its own dog food, and make sure all customer data is persistently encrypted and protected from data breaches – it is the last line of defence for customers and the company."

It all came to light during a routine check of operations, which revealed that malicious parties had stolen the sales partner's access rights late last year and used them to swindle the data from Swisscom.

Since the breach, Swisscom has blocked the unknown partner’s access and put in place new policies that ban high-volume queries for all customer information and require two-factor authentication for all data access by sales partners.

Kolochenko says security of third-parties (like partners) is a major and widely unaddressed problem these days, with many large financial institutions and e-commerce businesses already having lost millions of records because of hacked third-parties.

“Cyber criminals won't assault the castle, but will instead find a weak supplier with legitimate access to the crown jewels. However, the good news is that we see more and more companies who rigorously implement, for example, vendor risk assessment policies now, to prevent such risks,” says Kolochenko.

“Swisscom's efforts to mitigate and investigate the breach are laudable, but they won't really help the victims. Free webinars on cyber security and phishing prevention for the victims would be very helpful to prevent exploitation of the stolen data and to raise their overall level of security awareness.”
