Crooks used an employee log in to access the mobile phone company’s database of customers who were eligible for a handset upgrade. They then arranged for new phones to be posted to a number of customer addresses in a bid to then intercept the handsets before they arrived.
The breach was identified on Monday 13th November and, so far, the company says it has identified a small number of accounts to have been wrongly upgraded. Three has now launched a full-scale investigation to gauge the size of the problem. Three men have been arrested and the incident is being investigated by the National Crime Agency.
A Three spokesman confirmed that the upgrade system was accessed with the intention of intercepting handsets before they got to customers. There are no bank details or card details on this database and it says the system was secured as soon as the problem was flagged.
He said: “Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices. We’ve been working closely with the police and relevant authorities."
How many customers have been affected?Three says that, so far, only eight accounts have been identified as having been wrongly upgraded. However, the spokesperson could not provide an estimate as to the number of accounts that may have been affected.
A report in The Telegraph earlier today suggested that two thirds of Three’s nine million customers may have been affected. The Three Spokesperson denied that this was the case.
They claimed that, until the full investigation is completed, it isn’t possible to put a number on those affected. However, it's understood the number exposed to the risk of fraud is significantly smaller than its overall customer base as only the database for those eligible for upgrades was accessed.
Three will be contacting affected customers as soon as they are identified.
In addition Three also confirmed that almost 400 high value handsets had been stolen through burglaries.
What exactly has been taken?
Three has also confirmed that while the information was viewed, it was not removed from the system. The database includes the details of all Three's customers who are due for upgrade, although it is not possible yet to identify whether all of this information has been viewed.
While financial information and card details were not on the database, personal information such as names, dates of birth and where supplied, contact details such as addresses were.
What do I do if I think I’ve been affected?Three has confirmed it is contacting all those that have been affected by the issue.
We spoke to Three who said they have not yet confirmed how they will be resolving the problem. We will update this article when we hear more.
However, if you have any suspicious problems (such as a sudden payment increase on your mobile plan or a mysterious new handset appearing at your door) then you should get in touch with the company’s customer service team on 0333 300 3333?
How to protect yourselfIn this instance, there was very little that customers could do in order to protect their information, as the breach came from within the systems at Three Mobile.
However, it is a stark reminder of the importance of staying safe online and there are a few measures you can take to minimize your risk of being hit by cyber-crime.
- Regularly changing your passwords
- Purchasing and updating anti-virus software
- Watching out for emails with incorrect spelling and grammar
- Shredding all mail that you receive from your bank or other financial institutions
For more details on how to stay safe check out our Guide on stopping scams. This recent news is the latest in the long line of data breaches at mobile telephone companies. Companies such as Vodafone and Talk Talk have also reported data breaches in the past year.