Cyber Incident Victim: Telefónica

Date: Oct 2022

Location: Spain

Summary

Telefónica experienced a cybersecurity incident involving unauthorized access to router configuration data for a subset of Movistar and O2 customers, compromising technical details such as Wi-Fi network names and passwords. The company confirmed no sensitive personal or financial information was accessed, advising affected users to change their Wi-Fi credentials as a precaution. Immediate corrective measures were implemented to prevent recurrence, with the operator emphasizing that exploiting the stolen data required physical proximity to the compromised networks.


Description

In early October 2022, Telefónica detected a cybersecurity incident affecting a group of Movistar and O2 customers in Spain. The breach involved unauthorized access to technical configuration data stored on customer routers, specifically targeting devices linked to users' landline telephone numbers. Attackers compromised details including the router manufacturer, Wi-Fi network name (SSID), Wi-Fi password, unique device identifiers (MAC addresses), and port configuration settings. Telefónica clarified that the intrusion did not extend to sensitive personal or financial information such as customer names, physical addresses, billing details, bank account numbers, or call records. The company identified the incident through its Movistar security team, which monitored unauthorized access attempts to router management interfaces.

Telefónica promptly notified affected customers via direct communication, instructing them to change their Wi-Fi passwords as a precautionary measure. The company emphasized that stolen configuration data alone could not facilitate remote exploitation, as attackers would require physical proximity to the Wi-Fi signal range to misuse the credentials. Immediate containment measures were implemented to prevent recurrence, though technical specifics of these controls were not disclosed publicly. No operational disruptions to telecommunications services were reported. Telefónica’s public statements consistently maintained that the incident’s impact was confined to non-identifiable technical parameters and posed no material risk to customer privacy or financial security. The breach resolution timeline and total number of affected customers were not disclosed in available reporting.
