Syniverse handles messages from some of the biggest carriers
Syniverse, a telecommunications company that helps carriers like Verizon, T-Mobile, and AT&T send messages between each other and other carriers abroad, revealed last week that it was the subject of a potentially five-year-long hack. . If the Syniverse name sounds familiar, the company was also responsible for the disappearance of a bunch of Valentine’s Day text messages in 2019.
Hack in question brought to light In a Securities and Exchange Commission filing published last week. In it, Syniverse shares that in May 2021 it “became aware of unauthorized access by an unidentified person or organization to its operational and information technology systems.” The company did its due diligence to notify law enforcement and conduct an internal investigation, which resulted in the discovery that the security breach first began in May 2016. That’s five years of (presumably) unfettered access.
The hackers “gained unauthorized access to databases within its network on multiple occasions, and from that login information access to its electronic data transfer (EDT) environment or to its approximately 235 customers was compromised,” the filing reads. This may include access to call records, and metadata such as phone numbers, locations, and the content of text messages, According to Motherboard’sources say.
Syniverse’s SEC filing states that the company notified anyone caught in the breach, and that it was appropriate to reset the credentials. Additionally, “Syniverse saw no evidence of intent to disrupt its operations or its customers and made no attempt to monetize unauthorized activity,” the filing said. Verizon, AT&T, and Syniverse did not immediately respond to requests for comment. ledge, while T-Mobile sent questions to CTIA. T-Mobile told Ars Technica That it was “aware of a security incident” with Syniverse, but “there is no indication that any personal information, call record details or text message content of T-Mobile customers was affected.”
Syniverse’s security breach was detected as the company trying to be public through a merger with a Special Purpose Acquisition Company (SPAC), but this appears to have been a target in the first place due to the size of the company. Syniverse has spent the past decade becoming the quasi-gatekeeper for several US carriers through acquisitions, ledgereceived prior reporting. Size matters in business, but as with the SolarWinds hack, it matters even more when something goes wrong.