Wednesday, July 1, 2026
HomeCyber SecurityTelco fined €9 million for hiding cyberattack affect to clients

Telco fined €9 million for hiding cyberattack affect to clients

[ad_1]

antenna

The Greek information safety authority has imposed fines of 5,850,000 EUR ($6.55 million) to COSMOTE and three,250,000 EUR ($3.65 million) to OTE, for leaking delicate buyer communication resulting from a cyberattack.

Because the company says in an announcement, COSMOTE infringed at the very least eight articles of the GDPR, together with violating its obligation to tell affected clients of the true affect of the incident.

OTE (Hellenic Telecommunications Group) and COSMOTE belong to the identical entity, OTE Group, which is the most important know-how firm in Greece, providing mounted and cellular telephony, broadband, and community communication companies.

The hacking incident

An inside investigation carried out by COSMOTE in 2020 revealed {that a} hacker social engineered one in every of its workers by LinkedIn and later used brute-forcing instruments to derive the goal’s account credentials.

In response to the findings of the investigation, the adversary used a Lithuanian IP tackle for accessing one in every of OTE’s servers repeatedly.

The risk actor leveraged the account credentials to steal database recordsdata on 5 separate events. The dimensions of the stolen information amounted to 48GB.

COSMOTE retains name particulars on its servers for 90 days for service high quality assurance, and maintains an anonymized model of the information for one more 12 months for statistical evaluation that helps in focused service enchancment.

Because the information safety authority probe found, the anonymization course of wasn’t correctly executed, and the information holding durations weren’t strictly revered.

The affect

The compromised server contained delicate subscriber particulars and name information that involved the interval between September 1, 2020, and September 5, 2020.

Extra particularly, the uncovered particulars embrace the next:

  • Tough positional information of 4,792,869 distinctive COSMOTE subscribers.
  • Age, gender, plan, and ARPU of 4,239,213 distinctive COSMOTE subscribers.
  • MSISDN/CLI of 6,939,656 customers of different telecommunication suppliers who communicated with clients of COSMOTE.
  • MSISDN, IMEI, IMSI, and related tower place for 281,403 roaming subscribers of COSMOTE.

The above data may very well be used for extremely focused social engineering, phishing, and even extortion in some circumstances.

Nonetheless, the affect of the hacking incident may very well be vital for focused subscribers who could also be high-interest people.

[ad_2]

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments