Three Mobile data breach: 6 million customers’ personal data at risk
Three Mobile, one of Britain’s biggest mobile operators has admitted that hackers have managed to successfully access its customer upgrade database.
It has been reported that the data accessed included names, phone numbers, addresses and dates of birth of some 6 million ‘Three Mobile’ customers. Luckily, sensitive financial data were not exposed, according to Telegraph report.
It has been revealed that cyber criminals used an employee login to access company database. After gaining access to the database which also contains the personal information of customers who are eligible for an upgrade, they updated it in order to redirect new phones and high-end upgrade handsets to an address where they could intercept them.
A spokesman for Three said: “Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices.
“We’ve been working closely with the Police and relevant authorities. To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity.
“In order to commit this type of upgrade handset fraud, the perpetrators used authorised logins to Three’s upgrade system.
The National Crime Agency said that three people have been arrested, two for computer misuse and one for perverting the course of justice. It is also reported that the company lost 95,000 subscribers as a result of this attack, which cost it £60 million.
How to protect yourself?
The company said that the compromised database didn’t contain sensitive financial information such as banking or credit card details. But keep in mind that scammers can use exposed personal information to convince customers that they are calling from ‘Three Mobile’, bank or phone company in order to trick them and request bank account numbers or other details. Scammers can also use these details in phishing messages for similar reasons.
First of all, it is strongly advised to prevent sharing your banking details over the phone. It is recommended that customers change their passwords and PIN on their account. If you use the same password with other online account, change the password of these accounts immediately.
It is also advised to contact Three and your bank if you are worried that your information may have been accessed.
* Please subscribe to our free newsletter using the form below to receive latest cyber security news, vulnerability alerts, security updates, malware alerts, how-to guides, data breach and DDoS news, and scam alerts.
1,123 total views, 3 views today