Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now

Business had €30,000 of calls made without its knowledge after hacking

The communications regulator, ComReg, has said that there have been 16 reported cases by operators of businesses’ phone systems being hacked in recent weeks

Image: Lewis Stickley/PA Archive/Press Association Images

AROUND €30,000 worth of calls were made without the knowledge of a business after its phone system was hacked according to ComReg which says that there has been a “spate” of reported hackings in recent weeks.

The communications regulator said in a statement this evening that there have been 16 reported cases by operators of businesses’ phone systems being hacked.

In one case this involved calls to the value of €30,000 being made without the knowledge of the business, which was not identified.

ComReg has issued a warning to businesses to be vigilant particularly over the Easter holiday weekend when many will be closed for a long duration.

“The problem is that business phones, often known as PBXs, have features on them which may allow unauthorised third parties to dial into the system and place calls through the system without the knowledge of the systems owner,” ComReg explained in a statement tonight.

In many cases businesses use external parties to maintain their phone systems meaning that external access to PBX is required. This means that some external parties have access to maintenance ports which they obtain by dialling into the phones in order to carry out work.

Often these maintenance companies use default or weak passwords which can be exploited by hackers, ComReg says.

In order to stop this it, the regulator recommends that businesses disable remote access and only enable it when it agrees with the maintenance company to do so.

Making a difference

A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article.

Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

For the price of one cup of coffee each week you can make sure we can keep reliable, meaningful news open to everyone regardless of their ability to pay.

It also urges companies to create stronger passwords for these ports and ensure all phone extensions have strong passwords to avoid individual extensions being hacked.

“Phone systems are like computers,” the regulator says. “They are essential tools to businesses but if your computer held your bank details you would ensure that there were strong passwords and limited access.

“Remember that your phone system can also be used to take money from you and protect it appropriately.”

It adds that if your phone has been hacked you should make contact with ComReg and notify the gardaí.

Read: Mobile users targeted by phone scam involving Lithuanian numbers

About the author:

Hugh O'Connell

Read next: