submit@infiniteprivacy.com
Personal Privacy

SS7 Protocol Breach Exposed Private Data of US Cellular Provider Customers

The Infinite Brief
The US Department of Homeland Security recently warned that malicious hackers may have targeted US phone users by exploiting SS7, a four-decades-old networking protocol used by cell phone providers around the world.

According to a spokesman for US Senator Ron Wyden (D-Ore.), one of the nation’s major cellular carriers recently experienced a breach of that same protocol that exposed customer data.

“This threat is not merely hypothetical—malicious attackers are already exploiting SS7 vulnerabilities,” Wyden wrote. “One of the major wireless carriers informed my office that it reported an SS7 breach, in which customer data was accessed, to law enforcement through the government’s Customer Proprietary Network Information (CPNI) Reporting Portal.”

Such reports are legally required when carriers believe customer data has been illegally accessed. Chu declined to say who the US carrier is.

SS7 is a routing protocol that allows cell phone users to connect seamlessly from network to network as they travel throughout the world.

With little built-in security and no way for carriers to verify one another, SS7 has always posed a potential hole that people with access could exploit to track the real-time location of individual users.

Originally via Ars Technica

The US Department of Homeland Security recently warned that malicious hackers may have targeted US phone users by exploiting a four-decades-old networking protocol used by cell phone providers around the world, according to a spokesman for US Senator Ron Wyden (D-Ore.).

See the original article at https://arstechnica.com/information-technology/2018/05/nefarious-actors-may-have-abused-routing-protocol-to-spy-on-us-phone-users/

Leave a Response