Vodafone Italia is notifying its customers of a data breach, stating that a reseller of its telecommunications services in Italy, FourB S.p.A, was the victim of a cyberattack.
The notice warns that important subscriber credentials were compromised in a cyberattack during the first week of September, possibly exposing subscriber data, IDs, and contact information. It also stresses the fact that no sensitive information, such as passwords or network traffic data has been exposed as a result of the attack.
Vodafone advises recipients to pay attention to incoming messages, as the risk of being approached by phishing actors has escalated. The company also mentions that its reseller, FourB has restricted access to the compromised servers and increased system security to prevent a repeat.
Vodafone’s Statement Vs Hacker Group Ad
KelvinSecurity claimed an attack against Vodafone on September 3, 2022, but it’s unclear if it’s related to today’s disclosure. The hacker group offered to sell 295,000 files totaling 309 GB of Vodafone Italia data on messaging platforms and a hacking forum, according to Bleeping Computer.
At that moment, Vodafone responded to the breach rumor by saying they had found no proof of illegal access to the company’s IT systems but would continue the investigation.
KelvinSecurity is a seasoned data vendor that could sell initial access to other threat actors. After breaching a backup server belonging to Frost & Sullivan, a U.S business consulting firm, in June 2020, the hacked group traded the information of its personnel on hacker forums.
The threat actor said their initial intention was to warn the organization about security flaws they had found, but after the compromised company failed to respond to their warnings, the threat actor proceeded to auction the database.
In February, Vodafone Portugal was also the victim of a cyberattack that caused national service disruptions including 4G/5G internet, SMS text messages, and television.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.