Login

Register

Login

Register


One of Canada’s three big wireless carriers was hacked last month, with the attacker making off with customer names and phone numbers for two months during the summer of 2017. The stolen data is already on sale online.

According to Bleeping Computer, Telus has begun notifying customers by email that a database of subscribers to its low-cost Koodo service about the violation of security controls.

The email says that on Feb. 13 an unauthorized third party using compromised credentials accessed the Koodo system and copied data for the months of August and September 2017. This data included customer mobility account number and telephone number. If that information changed since then, it wasn’t compromised.

However, account and phone numbers could be used by a criminal to switch a customer’s mobile to other numbers. That would enable the attacker to receive a two-factor authentication code if that safety capability has been enabled. As a result, Koodo said it has enabled the “Port Protection” feature on the affected accounts, which prevents attackers from porting a Koodo Mobile number to another carrier unless the account holder first calls and requests it to be done.

“We have found evidence that the unauthorized third party is offering the information for sale on the dark web,” the email to affected customers says. “With port protection in place, we do not believe that your information could be used for any fraudulent purposes. Nevertheless, we have reported this incident to law enforcement and the Office of the Privacy Commissioner of Canada and we are working closely with them on this matter.”

However, the news story also says the notice to customers advises them to stop using their mobile number as the second factor in a 2FA setup.


Related Download
Sponsor: CanadianCIO


Cybersecurity Conversations with your Board – A Survival Guide

A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA
Download Now



Source link
——————————————————————————————————

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW