Story image

Mega breach: 800,000 Swisscom customers’ data stolen via hacked partner

09 Feb 18

News broke recently of a huge data leak at major Swiss telco provider, Swisscom.

Affecting around 800,000 customers, the leak came when security at an external sales partner was breached, prompting the Swiss group to tighten access to its files.

Swisscom stressed that the leaked data contained only "non-sensitive information" like customers' names, addresses, telephone numbers and dates of birth, with no hyper sensitive information like passwords or payment data

High-Tech Bridge CEO Ilia Kolochenko and WinMagic EMEA VP Luke Brown say this "non-sensitive information" is anything but, and while Swisscom may be playing the incident down, the implications of the breach will be far and wide.

"Globally speaking, it's a drop in the multi-billion ocean of data breaches. However, for Switzerland, it is a very important data breach that will likely impact almost every family in the country,” Kolochenko says.

"The allegedly stolen data provides cyber criminals with a great wealth of opportunities: from impersonation and password recovery, to various spear phishing and sophisticated fraud campaigns. Switzerland is one of the most wealthy countries and represents a great interest for cyber gangs. This data can be exploitable during the next few years and may cause substantial harm in the long run.”

Brown says the breach and Swisscom's claim that the customer data taken is non-sensitive underlines a huge misunderstanding between many companies and their customers.

"Customers share data on the basis that it will be respected and protected – to them all data shared privately is sensitive," Brown says.

"The industry has spent years telling web users how to protect themselves from Identity fraud, and now the industry has to eat its own dog food, and make sure all customer data is persistently encrypted and protected from data breaches – it is the last line of defence for customers and the company.”

It all came to light during a routine check of operations that revealed malicious parties had stolen access rights of the sales partner late last year to ultimately swindle the data from Swisscom.

Since the breach, Swisscom has blocked the unknown partner’s access and put in place new policies that ban high volume queries for all customer information and require two-factor authentication for all data access by sales partners.

Kolochenko says security of third-parties (like partners) is a major and widely unaddressed problem these days, with many large financial institutions and e-commerce businesses already having lost millions of records because of hacked third-parties.

“Cyber criminals won't assault the castle, but will instead find a weak supplier with legitimate access to the crown jewels. However, the good news is that we see more and more companies who rigorously implement, for example, vendor risk assessment policies now, to prevent such risks,” says Kolochenko.

“Swisscom's efforts to mitigate and investigate the breach are laudable, but they won't really help the victims. Free webinars on cyber security and phishing prevention for the victims would be very helpful to prevent exploitation of the stolen data and to raise their overall level of security awareness."

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Exclusive: Okta’s new GM shares its APAC strategy
“We believe that partnering with systems integrators, independent software vendors and consulting companies is a key factor of success for Okta.”
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”