It looks like Three has suffered from a security breach as the UK-based mobile network has confirmed today that the accounts of over 130,000 customers were breached recently. Three people were reportedly involved in the breach, using official employee logins to access the mobile network’s database of customers, with 133,827 accounts affected in total.
This was a hack and while some personal information may have been obtained, this doesn’t appear to be the driving factor behind the breach. Instead, those involved were seeking out customers who were eligible for an upgrade in order to have a new phone sent out to them that they could then intercept on the way and sell themselves.
In a statement issued by Three Mobile, the network stated that “In total, information from 133,827 customer accounts was obtained but no bank details, passwords, pin numbers, payment information or credit/debit card information are stored on the upgrade system in question”. This means customer bank accounts and such should be safe but things like names, addresses and phone numbers could be used for future phishing scams, so that is worth keeping in mind.
The National Crime Agency arrested three men in connection to this breach. While thousands upon thousands of accounts were accessed, Three says only eight customers had handsets stolen through the upgrade system. Meanwhile, 400 high-value devices have been stolen through other burglaries happening at retail locations.
KitGuru Says: While a huge amount of accounts were technically accessed, it sounds like customers should be fairly safe. Just be wary of any potentially dodgy phone calls or emails as personal information can be used in phishing scams.