recommended reading

Threatwatch

Almost 134,000 Customers’ Info Breached in Phone Scam

Network intrusion

Three, one of the U.K.’s largest mobile services providers, confirmed that almost 134,000 customers’ information was compromised in a scheme to steal phones, according to reports.

“We believe the primary purpose of this was not to steal customer information but was criminal activity to acquire new handsets fraudulently,” Three CEO Dave Dyson said in a statement.

Bad actors accessed the company’s phone upgrade system, which doesn’t contain financial information like bank accounts or passwords, according to the Guardian. Three said eight customers had been “unlawfully upgraded” to new phones.

For most customers, the compromised information could include name, billing date, which phone they use, and contract start and end dates, but for almost 27,000 customers, more information could have been accessed, ZDNet reports. Those additional personal details could include address, date of birth, email address, previous address, marital status and employment status.

The National Crime Agency arrested three men as part of the investigation.

sector

Telecommunications

reported

November 18, 2016

reported by

The Guardian

number affected

134,000

location of breach

United Kingdom

perpetrators

Criminals

location of perpetrators

Unknown

date breach occurred

2016/11/17

date breach detected

2016/11/17