A new data breach has affected British telecom provider Three. As sensitive customer information fell into the wrong hands, criminals attempted to execute scam attempts. Additionally, hacking attempts were made to modify user subscriptions, which was made possible thanks to the obtained employee credentials. This is a very troublesome development that goes to show how protecting sensitive data is far more complicated than companies assume.
Major Three Data Breach Causes A Lot of Backlash
When news broke about the Three data breach, a lot of UK customers were concerned for what would happen. So far, multiple complaints of scam attempts have been reported, as well as user-complaints about modified telco subscriptions. Criminals managed to obtain both sensitive customer data, as well as staffer credentials to complete these changes.
Among the information stolen are names, phone numbers, full addresses, and even dates of birth. No financial information was obtained during the data breach, but it is expected that all of these affected users will be targeted in scamming and phishing attacks moving forward. What is rather odd is how Three wasn’t aware of this incident until they received complaints from customers affected by the breach.
So far, police officials have arrested three suspects related to the data breach. With millions of customers suffering from this data breach, swift action is more than warranted. To be more precise, according to The Telegraph, roughly 6 million users may be affected by this incident, although that has not been officially confirmed.
These three arrests were made by the National Crime Agency. Two of the suspects are charged with computer misuse, whereas the third is charged with perverting the course of justice. It remains unclear whether or not these three individuals are related to the data breach, and if they are part of a much bigger group.
Online crime is not the only result of this data breach, though. Handset fraud has been on the rise in recent weeks, with roughly 400 high-value devices stolen from Three branches. Moreover, a total of eight new devices were obtained through illegal carrier plan upgrades, which were made with obtained staffer credentials.
It is not the first time that a UK telco has suffered from such a massive data breach. Earlier in 2015, TalkTalk had its databases breached, exposing sensitive data of over 150,000 users. TalkTalk has lost nearly 100,000 subscribers since then, and it is expected that Three may suffer from a similar fate moving forward.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.