Three cyber attack: Customer information of 130,000 users accessed by hackers

Three: The company said fraudsters had accessed personal data, including names and addresses
PA
Mark Chandler18 November 2016

More than 130,000 users of the Three mobile network have been hit by a cyber attack which saw hackers access customer information, the operator has said.

Three boss Dave Dyson said in a statement that all customers affected by the hacking were being contacted individually and that while personal information had been accessed, no financial information had been compromised.

Three men were arrested after the data breach was revealed, over the alleged fraudulent use of the company's phone upgrade system in an attempt to steal handsets.

"As you may already know, we recently became aware of suspicious activity on the system we use to upgrade existing customers to new devices and I wanted to update all our customers on what happened and what we have done," Mr Dyson said.

"On November 17 we were able to confirm that eight customers had been unlawfully upgraded to a new device by fraudsters who intended to intercept and sell on those devices.

"I can now confirm that the people carrying out this activity were also able to obtain some customer information.

"In total, information from 133,827 customer accounts was obtained but no bank details, passwords, pin numbers, payment information or credit/debit card information are stored on the upgrade system in question.

"We believe the primary purpose of this was not to steal customer information but was criminal activity to acquire new handsets fraudulently."

Three said it was continuing to work with law enforcement agencies, and as a precaution additional security measures had been placed on customer accounts.

The company had been criticised by some customers on social media for what was seen as a muted response to the breach, however Mr Dyson said Three would address all consumer concerns.

"I understand that our customers will be concerned about this issue and I would like to apologise for this and any inconvenience this has caused," he said.

"We are contacting all of these customers today to individually confirm what information has been accessed and directly answer any questions they have."

Security experts have again called for major companies with large amounts of customer data to do more to protect consumers.

The breach is the latest in a string of cyber attacks and data breaches, including those on TalkTalk and Yahoo.

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in

MORE ABOUT