Telefonica Calls Authorities after Massive Breach

The Netherlands-based Telecompaper reported that Telefonica, a top-10 telecom vendor based in Spain that delivers telecom services across more than 20 countries, was hit by a major security breach. Personal customer data of millions of its clients was possibly exposed in the breach. The company reportedly said the flaw was fixed and that the breach was reported to the authorities. Information exposed by the breach was reported to have included customers' fixed-line and mobile numbers, their full names, national ID numbers, home addresses, banks and call and data records. Though the company does not yet know the full extent of the breach, the data exposed in the security breach reportedly could be downloaded by a hacker. “Surprisingly, the Telefonica customer data was easily downloadable as an unencrypted spreadsheet,” said Pravin Kothari, founder and CEO of CipherCloud. “Moral of the story? Cyber-attackers will get into any network sooner or later. End-to-end encryption would have provided safe harbor for Telefonica if they used it to protect the data. With encryption there would be no breach to report under GDPR as stolen encrypted data would be unusable,” said Kothari.