Three Mobile Data Breach
3 Mobile hacked and data is leaking!
According to news reports, some 6 million customer records have been stolen from Three Mobile (one of the UK’s largest mobile network providers).
In order to commit this type of upgrade fraud, the attackers must have used authorised login credentials to access the upgrade systems. Data accessed would have included customers’ names, phone numbers, addresses and dates of birth.
This amounts to a serious security concern. That is enough information to pass basic security checks at a lot of the companies an average individual spends money with, including utilities, telephone and entertainment companies.
This attack will also leave customers open to phishing attacks like those that are still harassing customers following the last TalkTalk breach.
These phishing attacks range from a person trying to get access to your PC to “fix the problems” to someone trying to get you to make a payment for continuity of your service.
I took it upon myself to contact ThreeUK to see what was going on as there didn’t seem to be any official report from them regarding the extent of the breach.
Their official stance is:
“We’re aware of an attempted fraud issue regarding upgrade devices and are working with police and relevant authorities on the matter. The objective was to steal high-end smartphones from Three but we’ve already put measures in place to stop the fraudulent activity. We’d like to reassure customers their financial details are not at risk. We’ll update with further info once we have this. At this stage only 8 devices have been obtained illegally as part of the fraudulent upgrade activity.”
To this I asked: How did fraudsters get handset upgrade information?
“We’re aware of an attempted fraud issue regarding upgrade devices and are working with police & relevant authorities on the matter. Within the last week we discovered suspicious activity and started our investigations and formally notified the Police. Our investigation is still underway and we are working with the Police very closely. The objective was to steal high-end smartphones from Three but we’ve already put measures in place to stop the fraudulent activity. Our focus is on identifying instances of handset fraud and preventing any further fraud following this attack.”
To this I asked: How are you going to prevent phishing attempts on your customers following this attack?
“So far we know that 8 devices have been stolen and those customers have been contacted. A system which is used to identify which customers are eligible for an upgrade was accessed by someone unlawfully. We can commit to customers that in the unlikely event we see any illegal activity on your account, including unauthorised access, we will inform you as soon as that has been identified. No financial data such as Bank accounts or credit / debit cards are involved in this matter and customers’ passwords and pin numbers have not been compromised.”
So then I asked: Do you know what data the attackers may have? name? address? email address? home tel? mobile tel?
“We are still investigating but we can confirm that no payment or card information has been accessed. We are contacting those customers who have been impacted by upgrade fraud.”
At this point there is not any official word of what has been taken but I think it is safe to assume that name, address, contact information and even usernames and passwords have been compromised.
If you are on 3, review your security checks and change your passwords and email addresses if possible. If you get a fraudulent phone call from someone claiming to be from 3, they may know your account numbers and details. Report them to us and to Action Fraud.