Over two million people should be wary following an attack on one of Vodafone Group Plc (ADR) (NASDAQ:VOD) (LON:VOD)’s servers that revealed customers’ names, bank codes, account numbers, addresses and birth dates. The attack occurred on September 5, but at the request of authorities charged with investigating the matter, the breach was not made public until earlier today.
Vodafone on the attack
“Vodafone discovered and stopped the attack, and quickly filed charges,” Vodafone Group Plc (ADR) (NASDAQ:VOD) (LON:VOD) said. “The attack was only possible due to…insider knowledge, and occurred deep in the company’s IT infrastructure,” it said. The attack against the European wireless giant was limited to German accounts.
Though the male suspect was apprehended, German law forbids the disclosure of his name. He worked for an external service provider and had access to Vodafone data, yet oddly, felt that hacking the server from outside was the better way of collecting the data rather from the server directly while on site. It’s understood that following Vodafone Group Plc (ADR) (NASDAQ:VOD) (LON:VOD) disclosure of the attack to law enforcement, the police searched the suspect’s home.
Potential phishing attacks
While the suspect didn’t obtain access to credit card data, passwords, personal identification numbers or mobile phone numbers, those affected should be cognizant of potential “phishing” attacks that would allow the exposed data to be coupled with passwords gained through a second attack, making the draining of a bank account or credit card a distinct possibility.
In this day and age, hacking will forever remain a game of cat and mouse, where the hackers generally win. Most improvements to security come from someone exposing a backdoor and weakness that IT departments quickly close until a new exploit is found. With state sponsored attacks either directly or indirectly, those hacking for profit, or simply groups that wish to be a menace or nuisance, this is not likely to change but instead only increase in frequency. Parents can sleep well knowing that their children will always have a job either as a hacker or security specialist.
