Maxney, the Turkish hacker who’s known for breaching the systems of several high-profile companies from all over the world, has targeted Vodafone Iceland. The hacker not only defaced several of the company’s domains, but also leaked the details of over 70,000 customers.
Vodafone Iceland immediately took down its website following the attack. Initially, the company stated that there wasn't any evidence to suggest that customer information had been compromised.
However, they later admitted that the hacker gained access to sensitive data.
The data leaked by the hacker, published on a file sharing website, includes a lot of sensitive information. Cyber War News has analyzed the information and found SMS messages, usernames, user IDs, encrypted and clear text passwords, email addresses, some financial information, and even the equivalent of social security numbers.
The details of account managers have also been published online. The information leaked by Maxney was quickly removed from the file sharing website where it was initially uploaded.
The list of defaced domains includes efni.vodafone.is, extras.vodafone.is, wap.vodafone.is, m.vodafone.is, 2008.vodafone.is and ogvodafone.is.
Vodafone Iceland representatives have clarified that the cyberattack hasn’t impacted any of the telecommunications networks. After news of the breach, numerous customers contacted the company asking for additional details.
In a short FAQ published on its official Facebook page, the company noted that the SMSs leaked by the hacker are ones that have been sent via the Vodafone website. Text messages sent from phones have not been compromised.
Vodafone says the credit card details found in the leak were contained in the SMSs sent by customers. Websites hosted by the telecoms giant are also said to be safe.
On the other hand, customers are advised to change their passwords, particularly if the same one has been used to protect other online accounts as well.
Vodafone Iceland has called in some of the country’s “most talented professionals in data and network security issues” to investigate the incident. Authorities have also been alerted.
In the meantime, Internet users are urged by the company not to share the data leaked by the hacker.