Wednesday, October 6, 2021

Syniverse confirms long running breach of its global SMS network

In an SEC filing, Syniverse, which provides SMS connectivity services for nearly all mobile carriers, confirmed that a cyber breach discovered in May 2021 had been underway since May 2016.

Syniverse said an individual or organization gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its Electronic Data Transfer (“EDT”) environment was compromised for approximately 235 of its customers. All EDT customers have been notified and have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. All customers whose credentials were impacted have been notified of that circumstance.

 In its filing, Syniverse also noted that AT&T Mobility generated 11.4% and 13.5% of its total revenues for the six months ended May 31, 2021 and the eleven months ended November 30, 2020, respectively. A significant amount of Syniverse’s remaining revenues were generated by a small number of additional customers, including Twilio. For the six months ended May 31, 2021, Syniverse’s top 10 carrier customers accounted for approximately 45% of its carrier revenue, and its top 10 enterprise customers accounted for approximately 53% of its enterprise revenue.

https://www.sec.gov/Archives/edgar/data/1839175/000119312521284329/d234831dprem14a.htm