Three Mobile has been forced to fess up to a major data breach which, it has been claimed, could put the personal information of up to 6 million of its customers at risk; three people have already been arrested over the incident.
The company confirmed the breach on last night after admitting that hackers had successfully accessed its customer upgrade database by using an employee login.
However, it declined to say whether customers’ data was stolen or how many have been affected. Some reports suggest that the personal information of two-thirds of the company’s 9 million customers could be at risk.
Three said that the data accessed included names, phone numbers, addresses and dates of birth, but insisted it did not include financial information.
The National Crime Agency is investigating the breach and said that it had made three arrests. A 48-year-old man from Orpington, Kent, and a 39-year-old man from Ashton-under-Lyne, Manchester were held on suspicion of computer misuse offences, and a 35-year-old man from Moston, Manchester on suspicion of attempting to pervert the course of justice.
All three have since been released on bail pending further enquiries.
A spokesman for Three said: “Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices.
“We’ve been working closely with the Police and relevant authorities. To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity. The investigation is ongoing and we have taken a number of steps to further strengthen our controls.”
To leave a comment please register – it takes less than a minute and is free of charge. You will also get our weekly email update The DM Report (to opt out contact email@example.com). If you are an existing user, please log in. If you have forgotten your log-in details please email firstname.lastname@example.org to get them reset!