
Mega breach: 800,000 Swisscom customers’ data stolen via hacked partner

09 Feb 2018

News broke recently of a huge data leak at major Swiss telco provider, Swisscom.

Affecting around 800,000 customers, the leak came when security at an external sales partner was breached, prompting the Swiss group to tighten access to its files.

Swisscom stressed that the leaked data contained only "non-sensitive information" like customers' names, addresses, telephone numbers and dates of birth, with no hyper-sensitive information like passwords or payment data.

High-Tech Bridge CEO Ilia Kolochenko and WinMagic EMEA VP Luke Brown say this "non-sensitive information" is anything but, and while Swisscom may be playing the incident down, the implications of the breach will be far and wide.

"Globally speaking, it's a drop in the multi-billion ocean of data breaches. However, for Switzerland, it is a very important data breach that will likely impact almost every family in the country," Kolochenko says.

"The allegedly stolen data provides cyber criminals with a great wealth of opportunities: from impersonation and password recovery, to various spear phishing and sophisticated fraud campaigns. Switzerland is one of the most wealthy countries and represents a great interest for cyber gangs. This data can be exploitable during the next few years and may cause substantial harm in the long run."

Brown says the breach and Swisscom's claim that the customer data taken is non-sensitive underlines a huge misunderstanding between many companies and their customers.

"Customers share data on the basis that it will be respected and protected – to them all data shared privately is sensitive," Brown says.

"The industry has spent years telling web users how to protect themselves from identity fraud, and now the industry has to eat its own dog food, and make sure all customer data is persistently encrypted and protected from data breaches – it is the last line of defence for customers and the company."

It all came to light during a routine check of operations, which revealed that malicious parties had stolen the sales partner's access rights late last year and used them to extract the data from Swisscom.

Since the breach, Swisscom has blocked the unnamed partner's access and put in place new policies that ban high-volume queries for all customer information and require two-factor authentication for all data access by sales partners.

Kolochenko says the security of third parties (like partners) is a major and widely unaddressed problem these days, with many large financial institutions and e-commerce businesses already having lost millions of records because of hacked third parties.

“Cyber criminals won't assault the castle, but will instead find a weak supplier with legitimate access to the crown jewels. However, the good news is that we see more and more companies who rigorously implement, for example, vendor risk assessment policies now, to prevent such risks,” says Kolochenko.

“Swisscom's efforts to mitigate and investigate the breach are laudable, but they won't really help the victims. Free webinars on cyber security and phishing prevention for the victims would be very helpful to prevent exploitation of the stolen data and to raise their overall level of security awareness.”
