Vodafone has become the latest U.K. telco to suffer a cyber attack, after personal information, including bank details, of more than 1,800 customers was stolen last week.
The operator said the attack took place between midnight on Wednesday 28 October and midday on Thursday 29 October, during which the accounts of precisely 1,827 customers were accessed.
The attackers may have been able to see the name, phone number, bank sort code, and last four digits of the bank account number of affected customers.
"This incident was driven by criminals using email addresses and passwords acquired from an unknown source external to Vodafone," said Vodafone in a statement o n Friday.
While the information obtained during the attack cannot be used to take money from a customer’s bank account, it does leave them vulnerable to fraud.
"We have already contacted the banks of affected customers to alert them to the situation and they are following established procedures in order to protect customers. We will also be loading customers’ details into the Credit Industry Fraud Avoidance Service (CIFAS) database, which will ensure that bank or mobile operators will make additional checks to avoid fraud," Vodafone said.
The attack on Vodafone follows a much larger one on TalkTalk that compromised the personal information of millions of customers.
Over the weekend, TalkTalk confirmed that 21,000 bank account numbers and sort codes were accessed, and 28,000 partially-obscured credit and debit card numbers were obtained. Around 15,000 dates of birth were accessed, as were 1.2 million email addresses.
TalkTalk has contacted affected customers, reminding them to watch out for attempts to defraud them.
