FlagThis - #telecommunications

African multinational telecommunications company, MTN Group, has disclosed a cybersecurity breach that exposed the personal information of some of its subscribers. The breach has raised significant concerns about data security and the potential regulatory and legal repercussions the company may face. MTN operates across various African markets and is therefore subject to stringent national data protection laws, such as South Africa’s Protection of Personal Information Act (POPIA) and Nigeria’s Data Protection Regulation (NDPR). These regulations mandate strict data handling and security measures, with non-compliance potentially leading to substantial fines and legal actions.

MTN's immediate response included collaboration with law enforcement, specifically the South African Police Service and the Directorate for Priority Crime Investigation, underscoring the seriousness of the situation. While MTN has assured stakeholders that its core networks and financial systems remain secure, the incident has nonetheless triggered concerns about the overall robustness of the company's cybersecurity defenses. An investigation is currently underway to determine the full scope and impact of the breach, as the company seeks to understand how the attackers were able to compromise customer data.

The breach poses a significant challenge to MTN's brand reputation and customer trust, particularly given its extensive subscriber base of nearly 300 million users. Restoring confidence will require transparent communication with affected customers and the implementation of robust cybersecurity measures to prevent future incidents. The company has already begun notifying impacted customers and is working to comply with all local legal and regulatory obligations. While the precise financial consequences of the breach are still unknown, the incident highlights the growing threat of cyberattacks against telecommunications companies and the critical importance of maintaining strong data protection practices.


References :

• securityaffairs.com: SecurityAffairs: African multinational telco giant MTN Group disclosed a data breach
• The DefendOps Diaries: TheDefendOpsDiaries: MTN Cybersecurity Breach: Navigating Challenges and Implications
• BleepingComputer: BleepingComputer: Mobile provider MTN says cyberattack compromised customer data
• Talkback Resources: MTN Group and Cell C, South African telecom providers, experienced data breaches, with MTN Group taking steps to notify affected customers and authorities, while Cell C's stolen data was leaked on the dark web by a ransomware group.
• bsky.app: African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries.

Classification:

• HashTags: #DataBreach #Telecom #Africa
• Company: MTN Group
• Target: MTN Subscribers
• Product: Telecommunications
• Feature: Data Exposure
• Type: DataBreach
• Severity: Medium

The FBI has issued a public appeal for information regarding a widespread cyber campaign targeting US telecommunications infrastructure. The activity, attributed to a hacking group affiliated with the People's Republic of China and tracked as 'Salt Typhoon,' has resulted in the compromise of multiple U.S. telecommunications companies and others worldwide. The breaches, which have been ongoing for at least two years, have led to the theft of call data logs, a limited number of private communications, and the copying of select information subject to court-ordered U.S. law enforcement requests. The FBI is seeking information about the individuals who comprise Salt Typhoon and any details related to their malicious cyber activity.

The FBI, through its Internet Crime Complaint Center (IC3), is urging anyone with information about Salt Typhoon to come forward. The agency's investigation has uncovered a broad and sophisticated cyber operation that exploited access to telecommunications networks to target victims on a global scale. In October, the FBI and CISA confirmed that Chinese state hackers had breached multiple telecom providers, including major companies like AT&T, Verizon, Lumen, Charter Communications, Consolidated Communications, and Windstream, as well as dozens of other telecom companies in numerous countries.

In an effort to incentivize informants, the U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to US$10 million for information about foreign government-linked individuals participating in malicious cyber activities against US critical infrastructure. The FBI is accepting tips via TOR in a likely attempt to attract potential informants based in China. The agency has also released public statements and guidance on Salt Typhoon activity in collaboration with U.S. government partners, including the publication of 'Enhanced Visibility and Hardening Guidance for Communications Infrastructure.' Salt Typhoon is also known by other names such as RedMike, Ghost Emperor, FamousSparrow, Earth Estries, and UNC2286.


References :

• bsky.app: The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide.
• thecyberexpress.com: The FBI has issued a public appeal for information concerning an ongoing cyber campaign targeting US telecommunications infrastructure, attributed to actors affiliated with the People’s Republic of China (PRC).
• www.bleepingcomputer.com: FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
• BleepingComputer: The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide.
• The DefendOps Diaries: Explore Salt Typhoon's cyber threats to telecom networks and the advanced tactics used by this state-sponsored group.
• malware.news: The FBI is seeking information from the public about the Chinese Salt Typhoon hacking campaign that, last year, was found to have breached major telecommunications providers and their wiretap request systems over a two-year period.
• Industrial Cyber: The Federal Bureau of Investigation (FBI) is requesting public assistance in reporting information related to the People’s Republic...
• industrialcyber.co: FBI issues IC3 alert on ‘Salt Typhoon’ activity, seeks public help in investigating PRC-linked cyber campaign
• Policy ? Ars Technica: FBI offers $10 million for information about Salt Typhoon members
• www.cybersecuritydive.com: FBI seeks public tips about Salt Typhoon
• www.scworld.com: US intensifies Salt Typhoon crackdown with public info request

Classification:

• HashTags: #CyberEspionage #TelecomSecurity #SaltTyphoon
• Company: FBI
• Target: US Telecommunications Companies
• Attacker: Salt Typhoon
• Product: Telecommunications Infrastructure
• Feature: Data theft
• Malware: Salt Typhoon
• Type: Espionage
• Severity: Major