Makedonski telekom and the 18 months old breach

Makedonski telekom is the second largest telecommunications provider in Macedonia.

The web version of their iptv service called MaxTV was hacked and had links to (fake) online pharmacy stores.

Bellow is the screenshot from the website.
web.maxtv.mk hack
With the help of wayback machine the intrusion can be traced to somewhere between 26th of April and 4th of May 2016.
The issue has been reported on 1st of November and 2 days later, fixed.

Unfortunately, there was no statement, no press release about this incident. I can only hope this will follow in the next few days.

Makedonski telekom recently launched Telekom SafeNet service and if they continue covering breaches, I wonder how long until people start joking with their “safest mobile network” marketing slogan.


21.11.2017 - Update

Turns out this wasn’t the only breach. Another subdomain nabavki.telekom.mk has also been breached 3 years ago. Links from wayback machine here and here.

Both breaches have been reported and the content has been removed. There’s no public notification of these breaches, at this moment it’s unknown if any personal data has been affected.