November 22, 2016 by

Three Mobile Breach Affects over 133,827 Customer Accounts

A data breach targeting prominent UK mobile network provider Three Networks sees a total of 133,827 customer accounts compromised, the company has confirmed.

The mobile network provider has confirmed that no banking information has been obtained by the attackers, while admitting that over 133,000 customer accounts were accessed in total.

Out of that number, 107,102 customers’ information including handset or SIM-only customers, contract start and end dates, the account number and period as a customer with Three, billing dates and names could all be revealed.

Furthermore, some 26,725 customers’ information that was accessed could include personal details such as name, address, date of birth, gender, handset type, contract start and end dates, telephone numbers, email addresses, marital and employment status, previous address as well as the customers’ phone number.

A National Crime Agency investigation has so far seen three men arrested who have alleged ties to the breach.

In a public message to customers, Three CEO Dave Dyson has moved to assure customers that no bank information was accessed, along with an apology.

He also sought to provide answers for the reason behind the breach, stating:

We believe that the primary purpose of this was not to steal customer information but was criminal activity to acquire new handsets fraudulently.

I understand that this will have caused some concern and convenience for our customers and for that, I sincerely apologize.

The company is now reaching out to all affected customers to let them know what details of theirs could be compromised.

“For the avoidance of doubt, no financial information, bank details, payment information, passwords or pin numbers were viewed or obtained,” Dyson added.

The breach, which occurred late last week, saw attackers fraudulently use the company’s phone upgrade system in an attempt to steal handsets. The three accused are now out on bail and Three has added that it is continuing to work with law enforcement agencies.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

UK Includes Digital Forensics in £20 Million Cybersecurity Program for Schools

The UK Government has launched a £20 million initiative to encourage school children to enter a...

Read more arrow_forward

Report: Nearly Half(!) of all UK Businesses Struck by Cyberattacks

Nearly half of all UK businesses have suffered a cyberattack or a breach in 2016, according to an...

Read more arrow_forward

Tesco Bank Confirms Stolen Funds from CyberAttack

A sophisticated cyberattack targeting Tesco Bank customers has seen a total of £2.5...

Read more arrow_forward