A hacker attack was able to steal the personal and SIM data of Ho mobile customers. This was announced today in an official note by the same mobile operator of the Vodafone Group. It appeared last week Theft news, Ho Mobile had replied that he was investigating and that there was no evidence at present. While many aspects of the number of users involved and how hackers got into the operator’s settings have been clarified, other details of what happened are confirmed today.
Ho Mobile reports that only “part” of customers are affected. From the verification, reads the note that “still in operation, some of the customer site data has been illegally stolen with reference only to SIM’s personal and technical data.” With these data, it has been confirmed that the risk for users is SIM swap, which was recently discovered by the Telecommunications Commission hacking the strong growth of Italy. With this data, criminals can theoretically obtain a SIM in the victim’s name by contacting the operator’s retailer. With the new SIM they can steal passwords coming via SMS and then enter, for example, a bank account, authorize credit card payments or control a digital account.
I have a mobile Republic, Has implemented a number of security checks to determine users’ identities and the SIM’s effective ownership when requesting a change. The other positive fact is that “traffic-related data (text messages, phone calls, web transactions, etc.), or banking data or any of its customers’ payment method data are not stolen in any way”. So Vodafone prevented intrusion, prevented further damage, and activated security systems to prevent it from happening again. The operator reports that he has already complained to the investigating officer and told the privacy guarantor that “he is working in close contact with whom”.
What should mobile users do?
The operator contacts the users concerned. In any case, all customers can now change their SIM for free, but for security reasons they must do so in person at one of the authorized stores.
The data has been on sale in the dark web since December 22nd, so criminals have already been able to make some SIM alternatives in the meantime, though nothing at the moment.
Experts, against the risk of SIM transfer, generally advise not to activate password sending systems via SMS (preferably through the application, even if many services do not support this alternative). “Anyone with a mobile phone number associated with some service (such as banking or digital, WhatsApp, etc.) is advised to change it to another number,” advises computer forensic expert Pavlo Tolceco.
In the event of an outbreak, the attack on Ho Mobile should be configured in a context of strong growth of hacker attacks, which is also stated in a year-end report By the government. Large corporations such as Cambori and key infrastructure such as the European Pharmaceuticals Company were involved (criminals were hunting down confidential information about Govt vaccines; attack on Pomezia IRPM, which manufactures them for the same purpose).