Vodafone Iceland breached, customer details, SMSes stolen

Summary:The Icelandic branch of Vodafone is in damage control after being breached and having its customer data leaked.

Vodafone Iceland is now in the middle of an investigation into how its website was attacked and customer data information, including SMS messages, were leaked to the public.

On November 30, the company's Icelandic website was defaced by attackers and subsequently taken offline. At the time, Vodafone did not believe that any confidential information had been stolen, and vowed to return to service.

The next day, however, Vodafone said on its Facebook page (in Icelandic) that despite its initial assessment, confidential customer data had, in fact, been accessed by the attackers. It apologised for this fact, and also advised its customers to change their passwords where they may have reused them elsewhere.

Turkish hacktivist group Agent claimed responsibility for the breach, defacing Vodafone's site with its group insignia, leaving the message, "nsa, mola vakti", and providing a link to SQL dumps of its customer databases.

The information has since been removed, and Vodafone is asking that others do not share it in order to protect innocent users' privacy.

ZDNet has sighted the stolen information, and can confirm that it contains customer names, phone numbers, email addresses, and social security numbers.

Some databases contained several entries showing common strings used in testing for SQL injection, interspaced with seemingly legitimate entries, indicating that this latest intrusion may not have been the first time that attackers had attempted to gain access to Vodafone's customer data.

Other databases contained the SMS history of customers.

Vodafone has confirmed that the SMS messages exposed were limited only to those sent from the Vodafone website and not via handsets. It also confirmed that the databases did not contain any credit card or bank details, unless that information was in an SMS sent from the website.

Vodafone CEO Ómar Svavarsson said that the company's security is constantly under review, and that although it conducts regular security audits, its attackers were one step ahead of them this time.

Topics: Security, Privacy

About

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.