Vodafone Iceland hacked; data of over 70k users stolen

Vodafone Iceland was hacked on November 29 within initial breach only pegged to website defacement; however, after initial investigation the company confirmed that attackers have had accessed customer information as well as SMSes sent using the website.

The hack was first tweeted by @AgentCoOfficial, a Turkish hacktivist group, which was followed by an announcement by Vodafone that its website was defaced by attackers because of which it was taken offline. During the initial announcement, Vodafone didn’t believe that confidential data may have been accessed and revealed that it will bring back the site as soon as possible.

The original tweet by the attacker was followed by another tweet on the same day with details about a file containing the data siphoned off from Vodafone’s site and few minutes after that followed a tweet with screenshot of SMSes sent by customers.

Vodafone changed its stance on December 1 with an announcement through its Facebook page that attackers have had accessed confidential customer data and that it was sorry for what had happened. The company asked its customers to change their passwords where they might have used the same set of login credentials just to be safe.

The file containing the stolen credentials has since been removed and Vodafone has urged those in possession of a copy not to share it with anyone for the privacy of its innocent customers. We have managed to look at the files through one of our underground contacts and can confirm that the data contains email address, customer names, phone numbers, and even social security numbers of 70,000 customers. We couldn’t find any financial details and it seems that Vodafone had segregated those details from the customer database.

Vodafone claims that the SMSes that have been stolen are not the ones sent from customers’ handsets, but the ones sent from its website.

Ravi