If you are not already following the story about the large SMS hack, while details are developing on the depth and impact, it is good to review some basic security practices to help ensure information safety. The FBI is warning about a massive hack of SMS messaging where information may be intercepted by outside individuals if not protected with encryption. A couple of articles on the story are attached articles with more details. In short, the FBI believes unencrypted text messages may be compromised, and suggest using messaging avenues with end-to-end encryption.
What does this mean?
- Sensitive messages should be sent via encryption.
- This is always true for email as it is an unsecured medium.
- Apple iMessage (blue bubble) and Google Messages (android) ARE encrypted.
- If needed download a 3rd party messaging app, such as WhatsApp
- sending apple to apple or android to android should be fine, with apple the blue bubble indicates iMessage.
- sending to non-similar devices will use SMS and likely is not encrypted.
- Don’t send PHI over unencrypted services (SMS, email, etc.)
- Don’t send login information or passwords over unencrypted services
https://www.govtech.com/security/amid-hack-fbi-issues-warning-about-iphone-android-texts
Seek technical consultation or guidance if any additional questions arise.