BOSTON (Reuters) - Hackers with a Vonage Holdings Corp phone subscriber’s name and telephone number could intercept Internet phone calls by exploiting a weakness in the system, a security firm said on Wednesday.
Vonage spokesman Charles Sahner declined comment on the report by Sipera Systems of Richardson, Texas, which said it informed Vonage of the problem more than a month ago. Vonage had not responded, Sipera said.
Vonage, which has almost 2.5 million customers, was a pioneer in the business of selling low-cost phone services that use the Internet to connect calls instead of traditional phone wires.
Vonage has posted huge losses since it went public in 2006 as it has spent heavily on advertising to recruit customers. It is also the target of patent lawsuits from rivals including Verizon Communications Inc and Sprint Nextel.
While crooks have been long been able to hack into traditional phone lines, they’ve had to physically tap into telephone wires to do so.
Without proper security measures, Internet phone providers risk exposing their customers to such attacks from far away as hackers use the Web to access their networks, said Krishna Kurapati, founder and chief technology officer of Sipera.
“This guy could be in Russia and Vonage thinks it’s John Smith. People think they’re calling John Smith and instead they get this guy,” he said.
Matthias Machowinski, an analyst who follows corporate networks for Infonetics, said that while Internet phone systems are vulnerable to such attacks, it is possible to prevent them.
Our Standards: The Thomson Reuters Trust Principles.