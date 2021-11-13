In the SMS, Movistar affirms that they have detected and blocked a irregular access to your systems from suspicious IP addresses . With that access, the alleged attackers would have agreed to basic and user identification data , as well as contact information, order history and information about the products and services contracted.

Users of Movistar and O2 they have started receive SMS and emails from the operators. These types of messages are usually used as phishing, alerting the user that they have to enter a specific link to access their account or that they have yet to make a payment. In this case, unfortunately, these are actual SMS and email messages.

The company claims that there is no evidence that these data have been exploited. Among the data that have not been exploited would be the billing data, call list, bank account or email and access passwords. O2 ha communicated the security breach directly by email to customers, and Movistar is also doing the same. The same information is collected in both.

Both Movistar and O2 affirm that they have already applied mitigation measures necessary to block access to information. Unfortunately, we do not know the number of users affected, but there are likely a large number of users whose data has been accessed. The operator has already informed the Spanish Agency for Data Protection (AEPD) data leakage for them to investigate. The RGPD requires that data protection agencies be notified of these types of leaks less than 72 hours after knowing them.

Thus, although it has not been detected no misuse of dataIt would not be strange for a group of hackers to assume responsibility for this attack. With this, they will probably ask for money in exchange for not publishing it, and the end may be similar if they have really managed to get hold of user data.

Although there is no billing information, the basic information of the user and contact information usually have the full name, ID, physical address and telephone numbers. From how the operator explains it, it is to be expected that this data has been accessed by third parties. Therefore, we will have to wait to learn how it develops. We will update as we learn new information.