"Telecom provider Odido was unaware for two days that the hack in early February had resulted in a massive data breach. CEO Tisha van Lammeren publicly acknowledged for the first time that an internal investigation had wrongly concluded that nothing had been stolen. The hacker group ShinyHunters had to report this themselves. Phishing was used to gain access to the telecom provider's networks. Although Odido blocked the compromised account within an hour, it was already too late. On February 5, the data of millions of customers was downloaded without any alarm being triggered, says Van Lammeren."
"It wasn't until February 7, when ShinyHunters contacted the company themselves to say they had customer data in their possession, that the true extent of the breach became clear. "We were extremely surprised by the speed at which everything happened," said the executive. Theft remained unclear for a long time. Even after that, uncertainty persisted. It wasn't until early March, after the group published all the stolen data on the dark web, that Odido discovered business customers had also been affected."
"The provider initially thought it only involved Odido and Ben consumers. Van Lammeren does not wish to explain how the hackers concealed the theft. "The hackers have good techniques for that. It happens in the background." Communication could have been better. A few days after the hack, the provider sent 6.2 million messages to customers and former customers. But further updates were scarce. Van Lammeren cites improving crisis communication as the most important lesson the company has learned."
"She acknowledges that the company should also have informed customers about matters that were still unclear. Odido's information page about the hack was expanded last week. In a video featuring the CEO, the company explains, among other things, why it decided not to pay a ransom to the hacker collective-a decision it still stands by. Meanwhile, two regulatory investigat"
Odido was unaware for two days after an early-February hack that it had led to a massive data breach. An internal investigation initially concluded that nothing had been stolen, but the hacker group ShinyHunters had to report the breach themselves. Phishing enabled access to Odido’s networks, and the compromised account was blocked within an hour, yet millions of customers’ data were downloaded without triggering alarms. The full scope became clear on February 7 when ShinyHunters contacted Odido with customer data. Business customers were identified as affected only in early March after the stolen data was published on the dark web. Odido later expanded its information page and stated it would not pay ransom.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]