Ars article: https://arstechnica.com/information-technology/2022/02/vodaf...
"Vaz said the company hadn't received any ransom demand that would indicate it was hit by a ransomware attack. The CEO also said he had no indications the attackers had accessed subscriber information or other sensitive data."
Yet at the same time - "The attack comes a month after the websites of two of Portugal's biggest news outlets—Impresa and later COFINA—were hacked by a ransomware group calling itself Lapsus$."
As to why there's been no discussion, it seems like there just isn't much information to discuss at the moment. Vodafone Portugal's in damage-control mode, they don't want to say more than they have to, and what's been said is in Portuguese.
OP - are you in Portugal? Desculpe if so! I imagine this is a big deal in-country.
Vodafone Portugal target of cyberattack
Vodafone was the target of a disruption in its network, which began on the night of February 7, 2022 due to a deliberate and malicious cyberattack in order to cause damage and disturbance. As soon as the first signal of a problem on the network was detected, Vodafone acted immediately to identify and contain the effects and restore the services.
This situation is affecting the provision of services based on data networks, namely 4G/5G network, fixed voice services, television, SMS and voice/digital service. We have already recovered mobile voice services and mobile data services are available exclusively on the 3G network almost throughout the country but, unfortunately, the size and severity of the criminal act to which we have been subjected implies for all other services a careful and prolonged recovery work involving multiple national, international teams and external partners. This recovery will happen progressively throughout Tuesday.
Although the in-depth investigation of the criminal act to which we have been subjected will last indefinitely and with the involvement of the competent authorities, we have no evidence to date that Customer data has been accessed and/or compromised. Vodafone remains absolutely determined to restore the normality of services in the shortest possible time and deeply regrets the inconvenience caused to our Customers.
We have at Vodafone Portugal and the Group an experienced team of cybersecurity professionals who, together with the competent authorities, are conducting an in-depth investigation to understand and overcome the situation. We will update information about the status of service as the situation progresses.
https://news.ycombinator.com/item?id=28223747
Is there a law in the U.S. requiring telecoms to collect such information? Yet there's no law requiring purge of old customer data, with affected people not having been customers in years.
Might be some ransomware operators or malicious parties trying to extort them.
Hopefully soon. Until there are fatalities for acts of war against a country's infrastructure, they will continue.