Vodafone UK has revealed that unknown hackers accessed the accounts of nearly 2,000 customers in a cyberattack this week.
It’s the second known cyberattack resulting in a breach of confidential customer account data from a telecommunications company in Britain this month. After the recent TalkTalk breach that may have affected up to 4 million customers, telecom giant Vodafone has revealed to a cyberattack targeting its customers, Reuters reports.
A Vodafone spokesman noted that it’s very likely that attackers gained access to victims’ bank details such as:
- Sort codes and last four numbers of their bank accounts.
- Real names
- Telephone numbers
The attack reportedly occurred this Thursday, and the spokesman confirmed that a handful of attempts trying to engage in fraudulent activity from the breached data were made.
External Catalog Resulted in the Breach
Vodafone contends that the exact number of customer accounts targeted by attackers – 1,827 occurred due to an external compromise that did not involve the company’s servers. He points to usernames and passwords obtained from “an unknown source external to Vodafone,” being the originating source from where attackers obtained the login credentials to access the Vodafone accounts.
Related article: UK Telecom Provider TalkTalk Breach May Affect 4 Million Customers
Additionally, he confirmed that no credit or debit card numbers nor their details were obtained in the hack. He did add that the likelihood of the targeted customers being open to fraud might leave them vulnerable as targets of identity theft and phishing attacks.
In a statement, he said:
No credit or debit card numbers or details were obtained. However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts.
The global telecom company is also reaching out to potentially affected customers and confirmed through the spokesman that those who aren’t contacted need not worry about the incident.
These [affected] customers’ accounts have been blocked and affected customers are being contacted directly to assist them with changing their account details.
Several banks have been put on alert in the very plausible likelihood of fraudulent transactions as a result of the breach and law enforcement agencies along with authorities such as the National Crime Agency (NCA), and the Information Commissioner’s Office (ICO) are investigating the incident. Their actions will include looking for the source of the original external leak.
Finally, the spokesman confirmed that Vodafone’s systems and networks were “not compromised or breached in any way.”