News
Details of 6 million customers reportedly compromised after hackers use employee login to access handset upgrade database.
3UK on Friday confirmed it has suffered a data breach, with one report claiming that the information of up to 6 million customers may have been compromised.
In a statement, the mobile operator said fraudsters "used authorised logins" to its handset upgrade system for the purposes of stealing high-end smartphones.
According to sources cited by the Telegraph, the private information of two thirds of the company’s customers, of which there are 9 million, could be at risk.
"We are investigating how many customers are affected and will be contacting them as soon as possible," 3UK said, adding that its handset upgrade system does not include any customer payment, card information, or bank account information.
"We’d like to reassure customers that their financial details are not at risk," 3UK said.
The operator said it has experienced a growing amount of attempted handset fraud due to shoplifters and attempts to intercept upgrade devices.
"To date, we have confirmed approximately 400 high-value handsets have been stolen through burglaries and eight devices have been illegally obtained through upgrade activity," 3UK said. "The investigation is ongoing and we have taken a number of steps to further strengthen our controls."
Three arrests have already been made in connection with the attack.
"On Wednesday 16 November 2016, officers from the National Crime Agency (NCA) arrested a 48-year old man from Orpington, Kent, a 39-year old man from Ashton-under-Lyne, Manchester on suspicion of computer misuse offences, and a 35-year old man from Moston, Manchester, on suspicion of attempting to pervert the course of justice," said an NCA spokesman, in an email to Total Telecom.
"All three have since been released on bail pending further enquiries. As investigations are ongoing no further information will be provided at this time."
