Spanish telecommunication company Telefónica is investigating a possible cyber attack after it emerged that data purportedly belonging to one million of its former customers in Peru was found on an online forum.
The incident underscores the growing cybersecurity risks to telecom companies around the world that are grappling with mounting cyberattacks from cybercriminals and state-backed hackers.
Hackers belonging to a “Dedale” group have claimed the attack took place, and insisted they have information on over 22 million Telefónica customers. As evidence, Dedale has published a sample of one million records that Telefónica has confirmed does seem to include customers in Peru. This is significant, especially if you consider that only two months ago Telefónica completed its withdrawal from the Peruvian industry.
The rumored hack is just the latest in a long line of headline-grabbing cyber intrusions affecting the worldwide telecommunications industry. Salt Typhoon had breached multiple major US operators such as Verizon, AT&T, and Lumen throughout the latter half of 2024, the company claimed, and had used access to lawful intercept requests (LIR) to achieve more extensive access to those networks.
Only two months ago, South Korean telecom giant SK Telecom (SKT) was also hit hard by a breach affecting nearly half of South Korea’s population, with compromised data including mobile numbers and authentication keys.
These attacks, one after another, highlight an important fact: as our telecommunications networks become more advanced so, too, do the skills of their adversaries. The industry’s central role in transmitting huge quantities of personal and national security data also makes it an irresistible target.
To this rising menace, some of leaders in industry and regulators are calling for more offensive security stance. U.S. Vote The U.S. Federal Communications Commission has advocated for a 21st century framework to assist companies in staving off and dealing with cyber attacks.
Commentators stress the importance of telecom companies urgently upgrading to modern cybersecurity solutions, continuing to assess vulnerabilities, and building proper incident response plans. Cross border cooperation between governments, the telco industry and the security forces is also considered essential to be able to identify and respond to threats before they grow.
This Peruvian data exposure is a powerful lesson for Telefónica on the ongoing cyber security challenge of sold off assets. For the wider international telecoms sector, it acts as a timely reminder that security can no longer be allowed to slide as an add-on or afterthought, but rather should be recognised as a core enabler of protecting essential infrastructure as well as customer secrets.
