O2 Confirms Hack That Wiped Out Some German Customers Bank Accounts

02, the mobile phone seller, confirmed it was the target of hackers that exploited a weakness in a protocol used by telecom networks for two-factor verification.

According to a report, O2 confirmed the protocol that connects the back ends of telecom networks was exploited to intercept and reroute two-factor verification codes that were sent by German banks to customers’ mobile phones to authorize the transfer of funds online. The weakness in the protocol has been known about since around 2014, noted the report. Researchers have demonstrated that anyone with access to the telco can log on to third-party networks to track phones and redirect messages.

O2 confirmed that some of its German customers had their accounts emptied by hackers after they fell victim to a phishing scam that stole their usernames, passwords, phone numbers and bank account details. With the information in hand, the attackers used the SS7 protocol to intercept and redirect mobile transaction authentication numbers the German banks sent for the money transfers.

“Criminals carried out an attack from a network of a foreign mobile network operator in the middle of January,” 02 told German newspaper Süddeutsche Zeitung according to the report. “The attack redirected incoming SMS messages for selected German customers to the attackers.”

The hack on 02 comes at a time when hack attacks are on the rise around the world. In Verizon’s most recent Data Breach Investigations Report, the company found ransomware incidents have risen 50 percent over the last year. What’s more, based on data from 65 organizations, 42,068 incidents and 1,935 breaches in 84 countries across the globe, Verizon found the top three industries for data breaches are financial services with 24 percent of the total, healthcare at 15 percent and the public sector at 12 percent. Retail and accommodation combined to account for 15 percent of breaches.