The telecommunications industry is a vital component of any nation’s infrastructure as it facilitates communication and coordination, enabling individuals and businesses to operate effectively. Unfortunately, this critical industry has become an increasingly attractive target for ransomware and APT groups, with many U.S. telecommunications companies being targeted by hackers since January, according to a report by Cyble Research & Intelligence Labs.
Ransomware Attack Targets the City of Oakland
The City of Oakland confirmed a recent ransomware attack, but essential functions, including 911, financial data, and emergency resources, were not affected. The Information Technology Department is working with law enforcement to investigate and restore systems. The City is developing a response plan and expects delays. No details about ransom demands or data loss have been disclosed, and the responsible gang is unknown.
74 Million-Plus Clients’ Data Leaked
On January 5, 2023, CGM LLC, a U.S.-based SaaS provider specializing in Affordable Connectivity for telecommunications providers, was targeted by the notorious ransomware group CL0P. Recently, leaked screenshots containing sensitive information of disadvantaged applicants were publicly disclosed. On January 6, 2023, IntelBroker claimed to have found 37 million unsecured AT&T client records on a third-party vendor’s cloud storage and even made a sample of 5 million records public, which confirmed their discovery and added to the severity of the situation.
As a result, 37 million customers’ personally identifiable information (PII) was stolen, and T-Mobile notified affected clients and involved the police in the investigation. Additionally, Google Fi was targeted by SIM swapping attacks. On January 26, 2023, the threat actor leaked the entire database of information, and on February 1, 2023, IntelBroker shared a database with sensitive information belonging to 144,000 U.S. Cellular clients, causing further alarm.
The data breaches discussed above are mostly attributed to third-party vendors, including high-profile incidents involving vendors, software, and managed service providers (MSPs). Examples of such breaches include the Okta breach in March 2022, the Kaseya hack in July 2021, and the leak of 77,000 Uber users’ data due to a breach at a third-party vendor, Teqtivity.
The compromised data in these incidents includes addresses, account numbers, service details, first names, device types, service plans, emails, device information, phone numbers, and subscription service details.
Author: Guru