- Swisscom suffers data breach, affects 800,000 customers
- The exposed data includes names, addresses, dates of birth, and phone numbers
- The breach took place via a third-party partner
Swisscom, Switzerland's largest telecom company, has been hit by a data breach that affects some 800,000 customers. The number wouldn't be too bad, compared to other similar breaches across the world, if it didn't mean that 10% of the country's population is affected.
The security breach reportedly occurred in the autumn of 2017 and it affects mobile subscribers. The data hackers accessed is quite sensitive and includes first and last names, home addresses, dates of birth, and telephone numbers. This makes all these people perfect targets for a wide range of fraud schemes, despite assurances from the company that this type of data is "non-sensitive".
"Swisscom discovered the incident during a routine check of operational activities and made it the subject of an in-depth internal investigation," the company says in a statement. Swisscom then expresses a sense of happiness that passwords, conversations, or payment data, weren't affected by the breach.
The company claims the breach is the fault of an unnamed third-party sales partner who had suffered its own security breach. Because they had been granted limited access to the Swisscom data in order to identify customers who were up for contract renewal, the telco was breached too. Once the incident was discovered, the company blocked the partner's access.
Now, Swisscom promises it will introduce two-step authentication for all its sales partners in the coming year, and has put in place an alarm system to check for any unusual activity.
Security experts applaud the company's efforts to mitigate and investigate the breach, but point out this won't do much for the affected customers.