Syniverse Was Hacked in 2016

Have you heard of Syniverse? In short, it provides a service that works in the background and enables people to use their smartphones to call or text their friends and families. That’s exactly why it is a very big deal that Syniverse got hacked.

According to Vice, Syniverse is a critical part of the global telecommunication infrastructure used by AT&T-Movile, Verizon, Vodafone, China Mobile and others.

In a Filings Report with the U.S. Security and Exchange Commission, Syniverse pointed out that it had been hacked in 2016. Here is a small portion of that section of the report:

…For example, in May of 2021, Syniverse became aware of unauthorized access to its operational and information technology servers by an unknown individual or organization… Promptly, upon Syniverse’s detection of the unauthorized access, Syniverse launched an internal investigation, notified law enforcement, commenced remedial actions and engaged the services of specialized legal counsel and other incident response professionals. Syniverse has conducted a thorough investigation of the incident.

The results of the investigation revealed that the unauthorized access began on May 2016. Syniverse’s investigation revealed that the individual or organization gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its Electronic Data Transfer (EDT) environment was compromised for approximately 235 of its customers…

Daring Fireball pointed out that 235 customers doesn’t sound like a lot. But then realized that Syniverse’s “customers” are carriers, not people. Another problem pointed out on Daring Fireball was that Syniverse discovered the data breach in May of 2021, but the hack began in May of 2016.

It seems to me that it is possible that a lot of people’s data and information could have been stolen and used for nefarious purposes. This is really bad. I think Syniverse should have publicly mentioned the data breach years ago, instead of attempting to quietly let their investors know about it in 2021.