Security gurus have suggested for years that relying on SMS for two-factor authentication is a bad idea. Reasons include
- Your phone may be stolen
- Many people allow SMS messages to be displayed on lock screens
- Your phone can be SIM-cloned
- People inside your phone carrier may have access to your text messages
But here’s a new issue. A little-known company named Syniverse revealed something interesting in an SEC filing:
“Syniverse has experienced, and may in the future face, hackers, cybercriminals or others gaining unauthorized access to, or otherwise misusing, its systems to misappropriate its proprietary information and technology, interrupt its business, and/or gain unauthorized access to its or its customers’ confidential information.
For example, in May 2021, Syniverse became aware of unauthorized access to its operational and information technology systems by an unknown individual or organization (the “May 2021 Incident”). Promptly upon Syniverse’s detection of the unauthorized access, Syniverse launched an internal investigation, notified law enforcement, commenced remedial actions and engaged the services of specialized legal counsel and other incident response professionals. Syniverse has conducted a thorough investigation of the incident.”
Just who is Syniverse? A company that routes billions of text messages annually for all major US cell phone carriers.
Ars Technica has more coverage.
Related Posts:
- Mullenweg, Former Part Owner of WP-Engine, and His WordPress Checkbox of Doom - October 26, 2024
- Need a Laugh? Read the Linux Kernel List’s Foam-Mouthed Responses to Russian Programmers Banned from Contributing to the Linux Kernel - October 25, 2024
- OpenAI Disbands Yet Another Safety Team - October 24, 2024
Leave a Reply