Canadian VoIP provider Sangoma has suffered a breach of its SIP trunking service, giving criminals the chance to perpetrate so-called toll fraud by making phone calls at the expense of its users amongst the North American SME community.
Sangoma has taken commendably swift and comprehensive action to notify its customers and reset and reissue users’ randomly generated SIP credentials; as well as introducing a suite of new improvements to its platform. It has also refunded any SIPStation toll charges incurred at the time of the attack, whether or not they were a result of the breach.
As an additional security measure, Sangoma will no longer store SSH and Web GUI credentials for PBX systems in its portal. Originally this was offered to users as a way of speeding up responses for technical support, but Sangoma has decided that greater expediency doesn’t compensate for reduced security.
The incident highlights the inherent danger of VOIP systems, a topic we have previously produced an educational video on. You can watch our cyber crime video here: https://vimeo.com/195689819