2023 is shaping up to be the year of telecom hacks. All of the big 5G operators in the US – Verizon, T-Mobile, AT&T and Dish Network – have been involved in some kind of security incident already this year.

Broadly, the situation doesn't come as a surprise. Hacks and other cybersecurity troubles have become de rigueur among corporate America in recent years as aging IT infrastructure struggles to withstand dramatic increases in the scope and scale of cyber attacks.

Figure 1: (Source: NicoElNino/Alamy Stock Photo)

Indeed, the Biden administration this month issued a new vision for beefing up the nation's collective cybersecurity posture. And in the telecom industry specifically, the GSMA trade group recently released a path for network operators to prepare for cyber threats from quantum computers.

But that doesn't appear to have stopped the attacks on US wireless network operators. Here are the latest security incidents:

AT&T

As noted by Cnet this week, one of AT&T's vendors was hacked in January, which exposed older data relating to 9 million customer accounts. The data involved customer names, account numbers, phone numbers and email addresses, but not things like social security numbers. An AT&T representative declined to name the vendor that had been hacked.

Verizon

Verizon appeared to have suffered from a similar event at roughly the same time. According to a number of reports, details on roughly 7.5 million Verizon customers were leaked through a hack of a Verizon vendor. The operator said it was a vendor that creates videos for the company's bills, but company officials did not respond to Light Reading questions about the identity of the vendor.

Dish

While the incidents involving AT&T and Verizon centered on the companies' vendors, Dish appears to have been hacked directly. According to the latest reports, Dish's internal IT systems – including those involving its customer care services – have been affected by a "cyber-security incident" and the company is still investigating it. Incredibly, more than two weeks after the company first announced the situation, Dish's main website still warns customers that the company is "working hard to update our full website and get services back up to help you."

T-Mobile

Finally, T-Mobile earlier this year reported that a "bad actor" was able to obtain information on millions of its customers through an application programming interface (API) into its systems. That announcement followed almost half a dozen other hacks into T-Mobile's systems over the past several years.

Related posts:

— Mike Dano, Editorial Director, 5G & Mobile Strategies, Light Reading | @mikeddano