Data of 800,000 Swisscom customers compromised in breach

Swisscom, the biggest telecom company in Switzerland, has suffered a data breach that resulted in the compromise of personal data of some 800,000 customers, i.e., nearly ten percent of the entire Swiss population.

“The data accessed included the first and last names, home addresses, dates of birth and telephone numbers of Swisscom customers; contact details which, for the most part, are in the public domain or available from list brokers,” the company explained. The data is classed as “non-sensitive” under Swiss data protection law. No sensitive data, such as passwords, conversation or payment data, was affected.

Swisscom discovered the incident during a routine check of operational activities. The following investigation showed that the breach dates back to autumn of 2017. Apparently, the attackers “misappropriated the access rights of a sales partner,” who are “given limited access to this data to enable them to identify and advise customers and conclude or amend contracts with them.” Access to the system required them to enter a username and password and, obviously, the attackers have compromised some of these login credentials.

Read more about the Swisscom data breach, which will likely impact almost every family in the country, on Help Net Security.

 

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here