Technology

Why Telecom Companies Are Becoming The New Prime Targets For Data Thieves

By David Miller 19 Nov, 2025 125
Why Telecom Companies Are Becoming the New Prime Targets for Data Thieves

It has been commonly believed for years that the areas of cyberwarfare predominantly took place in banking institutions, hospitals, and governmental agencies. However, there has been a more subtle, but more significant, paradigm shift: telecom companies are the new and most valuable targets in the criminal data economy. A difficult recent breach at Millicom shows how vulnerable the telecom sector really is, where hackers said they accessed customer names, account information, IP data, and financial information. Consumers seeking assistance--even seeking help from a data breach lawyer--are just beginning to capture the real nature of the threat.

The Millicom Data Breach serves as a microcosm of a broader framework: hackers don't need to hack financial institutions anymore, because telecom operators have the same information, if not more, that hackers are interested in. In fact, a single telecom profile can contain identity information, billing data, patterns of behavior, footprint patterns of location, and access to associated services, like mobile wallets and subscription streaming services. For hackers, this is the contemporary version of a master key.

1. Telecoms hold identity data that cannot be easily change

Once a bank account is compromised, it can be shut down or re-issued after an investigation. When your phone number, SIM registration, VoIP identity, or device history is stolen, it will usually follow you for years. Criminals and identity thieves are interested in:

- Full names
- National ID
- historical phone and email records
- any fingerprints from your device
- historical IP logging

All of this creates a virtual buffet for sustained fraud and identity theft schemes. 

2. Telecoms sit at the center of financial activity

Millicom together with its brands Tigo, Tigo Money, and the related services reflect a growing truth globally: telecoms are progressively being unofficially regarded as FSPs (Financial Services Providers). For example, mobile wallets, bill-pay, peer-to-peer payments, and online credit make telecom providers a lucrative target for criminals interested in instant monetization. 

3. Behavioral and location data is a goldmine in the underground market

Cyber criminals are no longer satisfied with just lists of names. What they want is behavioral intelligence. This may include:

- Daily routine 
- Logins
- Device movement 
- Browsing exploration
- Spending habits 

These highly sophisticated operations involve phishing schemes, SIM swapping, and identity fraud.


4. Telecom infrastructure is spacer and aging

Telecom companies often run on a patchwork of different systems and technologies including:

- Legacy servers
- Aging network devices 
- Third-party vendors
- Antiquated authentication mechanisms 

This may leave newer industries less vulnerable, simply because they upgraded earlier. ShinyHunters claiming that they accessed Millicom's historic database backups is an example

The Increasing Risk of Data Monetization

The prices of telecom records are some of the highest of any commodity sold on dark-web forums. While bank credentials may work for a few days before being rendered useless, telecom data can drive scams for multiple months or years since it can be abused across platforms and effectively gives a new intruder an entire digital identity.

This risk is exacerbated in high-volume countries, often where operators like Millicom services millions of accounts across a collection of countries. A breach in a telecom operator does not merely result in one compromised service; it often means the compromise of an entire ecosystem.

Why Are We Seeing an Increase in Telecom Compromise?

1. Mobile-first economies have expanded the attack surface

In Latin America, Africa, and Asia, mobile-first citizens engage in using their telecom providers for banking, messaging, identity verification, commerce, and entertainment—meaning telecom is the most centralized holder of one's personal life.

2. Criminal organizations are shifting targets from higher risk to higher reward entities

Banks and large financial institutions have greatly hardened their systems. This is not the case across telecom providers who exhibit a generally uneven level of standards across all markets. 

3. Data extortion has proven to be more profitable than ransomware

Attackers are increasingly stealing data rather than merely encrypting it because telecom customer data is a perfect product to resell, again and again.

A Caution for the Global Telecom Industry

The Millicom breach is not an isolated failure, but rather a caution.

Telecom companies have entered fields that include finance, entertainment, digital identification, and cloud services, but security models have not kept pace.

Governments are already telegraphing regulatory scrutiny, and consumer litigation, usually fueled by data breach attorneys, will continue to accelerate as victims recognize the harm of using telecom data long term.

Next Steps

To not be a national digital infrastructure's Achilles' heel, telecoms must:

  • Modernize legacy databases
  • Limit data retention
  • Migrate towards zero-trust architectures
  • Improve vendor security
  • Increase transparency around breaches

Telecom operators manage the most public blueprint of modern life. The Millicom breach proves that the damage from compromising these records extends beyond financial destruction; it undermines trust itself.