The Athens Affair
For ten months around the Athens Olympics, someone had silently turned on the legal-intercept feature of Vodafone Greece and pointed it at the prime minister.
In early 2005, a network engineer at Vodafone Greece discovered that the company's mobile switches had been quietly running unauthorized software for months. The software activated a normally-dormant lawful intercept feature built into the equipment by the manufacturer, Ericsson, and used it to duplicate calls and SMS messages from approximately a hundred selected numbers.
The list
The numbers belonged to the Greek prime minister, members of his cabinet, opposition politicians, civil-society figures, military officers, a US embassy employee, and a Greek-American businessman. The duplication occurred at the switch level — well below the visibility of the targeted handsets — and the intercepted traffic was forwarded to a small set of prepaid mobile numbers that functioned as anonymous receivers.
The intrusion appears to have started in the months before the 2004 Athens Summer Olympics, a period during which both Greek and foreign security services were inside Athens for legitimate reasons. Vodafone Greece's discovery, in early 2005, was accidental; an Ericsson software update generated error reports that exposed the unauthorized add-on.
A death and an investigation that did not close
A Vodafone engineer who had been central to the technical investigation, Costas Tsalikidis, died by suicide days before the company informed the government. Subsequent Greek and US press reporting strongly suggested the operation had been run by a US intelligence service, though no official attribution has ever been confirmed.
What the chronicle remembers
The Athens Affair is the clearest documented case of an attacker enabling a telecom's own legal-intercept feature and pointing it inward. Every later debate about backdoors built into telecommunications equipment — Crypto Wars included — has been argued with Athens in mind.