Telefónica Investigates Major Data Breach at Movistar: 22 Million Records Compromised
Telefónica is currently investigating a significant data breach involving its subsidiary Movistar, where a cybercriminal known as 'Dedale' allegedly accessed 22 million customer records illegally. The breach has already led to the leaking of a database containing details for 1 million customers, revealing sensitive information such as full names, national identification numbers (DNI), mobile phone numbers, service plans, and status updates.
It is crucial to note that the reported 22 million records do not necessarily translate to 22 million affected customers. This is due to the fact that a single customer may have multiple records associated with them, including different identifiers such as names, ID numbers, and addresses.
Currently, the database exposed by the hacker appears to contain data primarily from users in Peru. However, the potential exists for further records from other countries where Telefónica operates, including Spain, to have also been accessed. This risk raises concerns not only for the company's reputation but also for the potential financial impact on its customer base across various markets.
The timing of this incident is particularly noteworthy, as Telefónica had sold its Peruvian subsidiary just a few months prior, in mid-April, to the Argentine company Integra Tec International for approximately 900,000 euros. This sale coincides with ongoing bankruptcy proceedings, adding a layer of complexity to the situation for Telefónica.
In a chilling twist, the hacker is reportedly demanding a ransom of $1,500 (around 1,314 euros) for the safe return of the stolen data. This figure is strikingly low compared to the larger ransom amounts typically seen in cybersecurity extortion cases, signaling the possibility of a unique motive or strategy behind this attack.
Cybersecurity firm HackManac was the first to break the news of the breach, sharing details on social media platform X. The extent and implications of this intrusion could have lasting ramifications for Movistar and its users, emphasizing the need for robust data protection measures in the telecommunications industry. As the investigation unfolds, customers and stakeholders will be keenly watching Telefónica's response and the actions taken to mitigate the damage.
Related Sources: