On October 8, Data Breach Today reported that Syniverse, a company that routes calls and text messages for 95% of the world’s top mobile carriers to the tune of 1 trillion (yes, trillion) messages a year, has disclosed it suffered a five-year breach. Likely, that breach has affected each of you reading this Privacy Peril.
So what can you do about this supply chain vendor breach? Actually, not a whole lot. However, we can learn one lesson about using two factor (or multi-factor) authentication to secure website logins. We have recommended — and still recommend — you take advantage of 2FA or MFA whenever available. Nevertheless, cell phones can be lost or stolen, and SIM swap fraud is a growing risk. Instead, strongly consider choosing a second security factor other than receipt of a texted code if one is available, such as by receiving a landline call.
Security is not always convenient. Indeed, inconvenience is often the source of security.