
OTE Group

Company



History

2022: €3.25 million fine for staying silent about a customer data leak

On February 1, 2022, it became known that the Greek data protection authority imposed a fine of €5.85 million on COSMOTE and €3.25 million on OTE for leaking confidential customer information due to a cyber attack.

According to the regulator, COSMOTE violated at least eight articles of the General Data Protection Regulation (GDPR), including its obligation to inform affected customers about the true consequences of the incident.

OTE and COSMOTE are part of the OTE Group, the largest telecommunications company in Greece, which offers fixed and mobile telephony and broadband services.

Greece's largest telecom company OTE will pay millions for keeping silent about a customer data leak

An internal investigation conducted by COSMOTE in 2020 showed that the hacker used social engineering, contacting one of the employees through LinkedIn, and then used brute-force tools to obtain target account data.

According to the results of the investigation, the attacker repeatedly used a Lithuanian IP address to access one of the OTE servers. The attacker used his credentials five times to steal database files. The size of the stolen data was 48 GB.

COSMOTE stores call information on its servers for 90 days to ensure quality of service and maintains an anonymous version of the data for another 12 months for statistical analysis that helps in targeted service improvement.

As an investigation by the Data Protection Authority found, the anonymization process was not performed properly, and data retention periods were not carefully observed.

The compromised server contained confidential subscriber data and call data for the period from September 1, 2020 to September 5, 2020.

In particular, the exposed data included the following:

  • Approximate location data of 4,792,869 COSMOTE subscribers;
  • Age, sex, rate plan and ARPU of 4,239,213 unique COSMOTE subscribers;
  • MSISDN/CLI of 6,939,656 subscribers of other telecommunications providers who interacted with COSMOTE clients;
  • MSISDN, IMEI, IMSI and location of connected towers for 281,403 COSMOTE subscribers in roaming.

Information obtained by attackers can be used for targeted social engineering, phishing and even extortion in some cases.[1]

Notes