Movistar has suffered “irregular access” to its computer systems that has given cyber attackers access to personal data of their customers, the company reported in an SMS that it sent to those affected during the afternoon of this Friday. The compromised information includes “basic and identification data, contact details, as well as information about the products and services contracted,” details Movistar.
7 quick tips to avoid being scammed with phishing
The access occurred last week and affects “several thousand customers,” Movistar sources explain to elDiario.es. The hole “has already been blocked” and the company “has no evidence” that this data “has been exploited”, reiterate the same sources and the SMS sent to users. There is also no evidence that the cyberattack has managed to access “or highly sensitive” banking information, such as the passwords used by Movistar clients to access their services or the details of the calls made.
Movistar has not given more information about the origin of the attack beyond that it occurred from unauthorized access points. “Accesses have been detected from unrecognized IPs and as such we have communicated it to clients”, they limit themselves to adding sources from Movistar. The data protection law obliges to communicate this type of security breach to users when their personal information has been compromised.
Cybercriminals use these types of holes to obtain personal data that they then sell or take advantage of to improve the effectiveness and accuracy of other offensive ones, such as phishing. These consist of impersonating companies or institutions to, then yes, trick the victim into providing bank details, sensitive information or downloading viruses that allow cybercriminals to access their devices.