[11/18/16] A major security breach at the UK’s Three Mobile has potentially exposed the data of up to six million customers, a source told The Telegraph. Three suspected hackers, who reportedly used an employee login to access its database, have been arrested.
Three Mobile, one of the UK’s largest network providers, admitted on Thursday evening that hackers had managed to gain access to its customer upgrade database by using an employee login.
“In order to commit this type of upgrade handset fraud, the perpetrators used authorized logins to Three’s upgrade system,” a Three spokesperson said, adding that the data accessed included the names, phone numbers, addresses, and dates of birth of the company’s customers, but no financial information.
The hackers managed to gain access to customer accounts and upgrade them. They then intercepted the newly ordered phones, presumably in order to sell them.
“Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices,” the Three spokesperson said, noting that the company has confirmed eight cases of phones being illegally obtained through the upgrade so far.