Company That Routes Billions of Text Messages Quietly Says It Was Hacked

Syniverse repeatedly declined to answer specific questions from Motherboard about the scale of the breach and what specific data was affected, but according to a person who works at a telephone carrier, whoever hacked Syniverse could have had access to metadata such as length and cost, caller and receiver's numbers, the location of the parties in the call, as well as the content of SMS text messages.

To give perspective as to Syniverse's importance, due to a maintenance update in 2019, Syniverse lost tens of thousands of text messages on Valentine's Day, which meant that the text messages were lost in transit and only delivered months later.

Syniverse routes text messages between different carriers both in the U.S. and abroad, allowing people who are on Verizon's network to communicate with customers who use another carrier.

"The world's largest companies and nearly all mobile carriers rely on Syniverse's global network to seamlessly bridge mobile ecosystems and securely transmit data, enabling billions of transactions, conversations and connections [daily]," Syniverse wrote in a recent press release.

"Syniverse systems have direct access to phone call records and text messaging, and indirect access to a large range of Internet accounts protected with SMS 2-factor authentication. Hacking Syniverse will ease access to Google, Microsoft, Facebook, Twitter, Amazon and all kinds of other accounts, all at once."

Syniverse disclosed the breach in an August SEC filing as the company gearing to go public at a valuation of $2.85 billion via a merger with M3-Brigade Acquisition II Corp., a special purpose acquisition company.

In the document, the company wrote that it "Did not observe any evidence of intent to disrupt its operations or those of its customers and there was no attempt to monetize the unauthorized activity. Syniverse did not experience and does not anticipate that these events will have any material impact on its day-to-day operations or services or its ability to access or process data. Syniverse has maintained, and currently maintains, cyber insurance that it anticipates will cover a substantial portion of its expenditures in investigating and responding to this incident."

https://www.vice.com/en/article/z3xpm8/company-that-routes-billions-of-text-messages-quietly-says-it-was-hacked