According to a report by Ars Technica, Syniverse a company that routes hundreds of billions of SMS messages was the victim of a five-year hack. Syniverse, in a disclosure to the SEC (Securities and Exchange Commission), said that they noticed in May 2021 that someone had unauthorised access to its systems since 2016.
After finding out about the breach Syniverse immediately launched an internal investigation, notified the authorities and engaged incident response professional and legal counsel.
However, during the hackers stay he/she/they reportedly had compromised the logins for Syniverse’s Electronic Data Transfer environment for 235 carries. For the sake of perspective Syniverse’s intercarrier message service processes 740 billion messages a year.
It’s also used by big carriers or mobile network operators like AT&T, Verizon, and T-Mobile. To find out if people’s SMS messages were exposed in the hack, Ars Technica reached out for a comment from the carriers but they haven’t yet heard back.
On the part of Syniverse, Ars Technica was told the following:
“Given the confidential nature of our relationship with our customers and a pending law enforcement investigation, we do not anticipate further public statements regarding this matter,”
Syniverse was said to have patched up the breach, however, five years is a long time and the extent of the damage may be revealed as fresh reports come in. This is going to be an interesting one to keep an eye on.