By cyber invade Telekom without great effort even to the passwords of users

After one of the most serious cyber attacks at Telekom Slovenijein which 385 internal documents with personal data of some of their subscribers and customer information, partners and Telekom's subsidiary IPKO in Kosovo have been revealed on the dark web, there are more and more questions about Telekom's true information security security, as well as their responsibility for maliciously discovered (ang. doxxing) information about at least 150 people, including telephone numbers.

Yesterday, we reported that some editorial boards found documents that were supposed to contain sensitive information about Telekom's subscribers, including addresses, telephone numbers and IP addresses, and that the information on the forums on the dark web was already on display.

In the files we have obtained and verified in the editorial board Work, It seems that there were a lot of data aligned, including names, surnames, addresses, house and telephone numbers of customers, as well as rough estimates close to thousands of employees' e -mail addresses and the permits they have in the system.

This is not only Telekom's employees, but also employees of IPKO, in Dars … In the Dars case, the files associated with the tolls and vignettes and punishment for truckers are expected to appear in the files. Radar images, as well as tolls from abroad, are also found, from Slovakia and Hungary.

Internal communication revealed

In the files.Json used to exchange data between web servers and online applications, it is possible to see the internal communication by most. They can use it to understand how a particular system works. It also seems that V.JSON files are complete data of all employees.

In the case of Telekom, a company with the « largest mobile network with the most base stations and the largest access optical network » in the country, it is wonderful how poorly encrypted by sensitive data, as it seems that even with a slightly more in -depth browsing content, even users can get passwords.

We are still waiting for the answers with Telekom Slovenije, which we addressed yesterday to society.

Safety in the hands of leaders

What do they say about one of the biggest intrusions at the SI-CERT National Response Center? They answered short and badly saying that they could not comment on investigations that were still underway. In their estimation, the company « understands the importance of cyber security differently », with the main role of business management.

“Unfortunately, business leaders are still considering investment in cyber security as an unnecessary expense. Not all, larger companies, for example, are sufficiently aware of the risks of losing data or other cyber attacks to ensure appropriate security teams, « they say at SI-Cert, adding that » systems have become quite complex everywhere « and that it is not always possible to provide complete security, which is actually known from non-demytial life.

Therefore, in their opinion, it is especially important how the incident responds and how quickly the measures are taken to limit and master it. As they said, « Telekom Slovenije's team quickly and professionally approached the management of this incident. »

SI-CERT processes several cyber incidents each year. Last year, 4587 incidents were processed, of which 790 were more technically demanding.