#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 22°C Friday 23 July 2021

Business had €30,000 of calls made without its knowledge after hacking

The communications regulator, ComReg, has said that there have been 16 reported cases by operators of businesses’ phone systems being hacked in recent weeks

Image: Lewis Stickley/PA Archive/Press Association Images

AROUND €30,000 worth of calls were made without the knowledge of a business after its phone system was hacked according to ComReg which says that there has been a “spate” of reported hackings in recent weeks.

The communications regulator said in a statement this evening that there have been 16 reported cases by operators of businesses’ phone systems being hacked.

In one case this involved calls to the value of €30,000 being made without the knowledge of the business, which was not identified.

ComReg has issued a warning to businesses to be vigilant particularly over the Easter holiday weekend when many will be closed for a long duration.

“The problem is that business phones, often known as PBXs, have features on them which may allow unauthorised third parties to dial into the system and place calls through the system without the knowledge of the systems owner,” ComReg explained in a statement tonight.

In many cases businesses use external parties to maintain their phone systems meaning that external access to PBX is required. This means that some external parties have access to maintenance ports which they obtain by dialling into the phones in order to carry out work.

Often these maintenance companies use default or weak passwords which can be exploited by hackers, ComReg says.

In order to stop this it, the regulator recommends that businesses disable remote access and only enable it when it agrees with the maintenance company to do so.

It also urges companies to create stronger passwords for these ports and ensure all phone extensions have strong passwords to avoid individual extensions being hacked.

“Phone systems are like computers,” the regulator says. “They are essential tools to businesses but if your computer held your bank details you would ensure that there were strong passwords and limited access.

“Remember that your phone system can also be used to take money from you and protect it appropriately.”

It adds that if your phone has been hacked you should make contact with ComReg and notify the gardaí.

Read: Mobile users targeted by phone scam involving Lithuanian numbers

About the author:

Hugh O'Connell

Read next: