Customers of the Three mobile network are being urged to watch out for potential fraud or identity theft following the arrest of three men who have been charged with breaching the mobile provider's upgrade database. Although the purpose of the breach was to ‘steal' free phones, it also gave them access to customer data on a large scale.
Using an employee login, the three men who range from their mid-30s to late 40s, were able to access the carrier's customer upgrade system. The men are thought you have sent themselves hundreds of free mobile handsets, potentially worth thousands of pounds. The concern however is that data may have been retrieved from the database, potentially leaving customers vulnerable.
Three has released a statement making it clear that no customer financial data had been accessed, but did admit that names, addresses, phone numbers and dates of birth on a number of customers had been exposed during the breach. It cannot confirm at this time if any of that data was copied away, or how many customers may have been affected. It did however confirm that an investigation is on going and that moving forward Three has strengthened its systems to prevent a similar breach in the future.
Ars reports that Three has informed the Information Commissioner's Office of the breach, but has yet to contact any potentially affected customers with the news. Presumably it will do so when it learns more about the breach and if any data was stolen by those responsible.
Discuss on our Facebook page, HERE.
KitGuru Says: It really puts into context how dangerous the recent Investigatory Powers Bill is. These are the very companies that the government want to store internet connection records on all of us. How can they guarantee those will remain safe?