Syniverse, a service provider for most of the telecommunications companies, revealed that the hackers had access to its databases over the past five years and negotiated login credentials belonging to hundreds of their users.

Self-described as “the world’s most connected company,” Syniverse facilitates text messaging routing services to over 300 mobile operators, among them AT&T, Vodafone, T-Mobile, Telefonica, Version, America Movil, and China Mobile.

Syniverse is so wide that it boasts about having as its users “nearly every mobile communication provider, the largest global banks, the world’s biggest tech organizations.”

Hijacked Tracked to May 2016

In an entry on September 27 with the U.S. Securities and Exchange Commission (SEC) spotted by a journalist, Syniverse revealed that an unauthorized party accessed the on several occasions database on its network.

When the organization became aware of the intrusions in May 2021, internal research began to determine the extent of the hack. “The outcome of the research disclosed that the unauthorized access began in May 2016,” the organization discloses in the SEC filing.

For the past five years, hackers have maintained access to Syniverse internal database and negotiated the login information for the Electronic Data Transfer (EDT) environment belonging to about 235 customers.

“All EDT customers have been notified and have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. All customers whose credentials were impacted have been notified of that circumstance” – Syniverse

Enormous Node for Mobile Communications

The organization notes that its research did not discloses intent to disrupt operations or to constructing from the intrusion. Even in the research, we did not find any clue, the company does not exclude the probability of data exfiltration, which could affect its business, employee, customers, suppliers, and vendors, and could also lead to a future cyber-attack.

From its role as an intermediary between mobile carriers, it is easy to infer the type of data the hackers could access by breaching Syniverse: at least details about the source, destination, timestamps, general location, and possibly the content of the text messages.

According to the company, its infrastructure processes more than 740 billion messages every year, enabling interconnectivity between mobile network operators and giving them “unparalleled visibility into all messages hitting your network”.     

Syniverse describes itself as “the world’s most connected company” with a “secure global network [that] reaches almost every person and device on Earth.”

Given the part Syniverse plays in mobile communication around the world and the trove of sensitive information it needs to protect, the details about the breach and the goal of the intruder are likely to receive more scrutiny from national-level regulatory bodies.