What sounds like a nightmare for a company? Waking up to the news that the data of their customers is being sold online. That’s exactly what has happened to Ho-Mobile, an Italian phone service provider owned by Vodafone Italy.
Apparently, the personal data of over 2.5 million Ho-Mobile’s customers is being sold on a dark web hacker forum. The data includes personally identifiable information such as date of births, phone numbers, fiscal codes physical addresses, and email addresses.
As seen by Bank Security, the researcher believes that this information, particularly the Integrated Circuit Card-Identity (ICCID) codes can also be exploited to conduct sim swapping (SIM hijacking or SIM hacking) attacks which can be used for nefarious purposes including financial theft.
For example, by gaining access to a victim’s sim, the attackers could reset a banking app’s password and then access the verification code sent to the sim. With this, the password will be easily changed allowing the attacker to make transactions as they see fit.
Last year, there were several reported cases in which cyber criminals used sim swapping technique to steal millions in crypto from their victims. SIM swapping attacks are so common these days that Europol had to carry out an operation to nab SIM hacking networks from across Europe.
On the other hand, Ho-Mobile has responded stating that there is no evidence that their systems have been compromised but they have started an investigation nonetheless.
Vodafone Italy also commented saying that:
“Ho has no evidence of massive access to its IT systems that have jeopardized the customer base data.”
This though is being disputed by experts who have found the data to be matching that of some users of the service suggesting there is an actual connection.
To conclude, we do not have definitive evidence at the moment but will continue updating you on how this plays out. For the time being, it is best that Vodafone Italy also dedicates its resources to its child company in order for it to quickly mitigate any damage if it has occurred.