UK mobile company Three has fallen victim to a
major data breach, with up to six million customers reported to have been affected.
Data that has been accessed includes names, phone
numbers, addresses and birth dates.
Three said that fraudsters were able to retrieve
the information by logging into a database listing the names of customers who
were entitled for a phone upgrade.
Three men have subsequently been arrested by the
National Crime Agency (NCA), in connection with the data breach.
According to the BBC, Three is now investigating
exactly how many of its nine million customer accounts were accessed.
A spokesman for Three said: “Over the last four
weeks, Three has seen an increasing level of attempted handset fraud.
“This has been visible through higher levels of burglaries
of retail stores and attempts to unlawfully intercept upgrade devices.
“To date, we have confirmed approximately 400
high-value handsets have been stolen through burglaries and eight devices have
been illegally obtained through the upgrade activity”.
The UK mobile operator is the latest company to
fall victim to a cyberattack. Last year, TalkTalk saw over 150,000 of its
customers have their personal details compromised.
Recently, a 17-year old boy admitted to being behind the TalkTalk cyberattack, describing
it at the time as “a passion”.
The teenager pleaded guilty to seven offences,
admitting to Norwich Youth Court in the UK that he “didn’t think of the
consequences” behind the attack.
TalkTalk, for its part, was fined a record £400,000 for not having in place adequate
cybersecurity measures.