Spark media statement concerning global security vulnerability
Spark has become aware overnight of a global security vulnerability that has the potential to put all Wi-Fi networks, and the devices that access those networks, at risk of being compromised.
We are not aware of any Spark customers who have been compromised by the vulnerability to date.
The Krack vulnerability, which was identified by a security researcher overseas, potentially allows a hacker to eavesdrop on Wi-Fi traffic. The hacker would need to be within Wi-Fi range and would not be able to access encrypted traffic (e.g. most banking websites and some other applications).
Spark is liaising with device manufacturers as a matter of urgency to understand when they will have patches available for their devices and the process for installing those patches on devices. This includes manufacturers of Wi-Fi access points (e.g. modems) as well as all end devices that connect to Wi-Fi networks (e.g. phones, tablets, PCs and laptops, other Wi-Fi enabled devices).
Spark’s own Wi-Fi phone box network remains operational. However, we advise customers to take care, as always, when using any public Wi-Fi network.
Spark will advise customers of any further actions they need to take with respect to their devices or modems as soon as more information is available from the device manufacturers.
ENDS