Cyber hack of U.K. mobile phone network puts customer information at riskReprints
(Reuters) — Three, the smallest of Britain's four mobile phone networks, said late on Thursday hackers had accessed its customer upgrade database after using employee logins.
The cyber security breach could put the private information of two-thirds of Three's 9 million customers at risk, the Telegraph said, citing sources familiar with the incident.
Three said it was investigating how many customers were affected and would be contacting them as soon as possible.
"This upgrade system does not include any customer payment card information or bank account information," Three spokesman Nicholas Carter told Reuters in an email.
The company, part of CK Hutchison Holdings Ltd., said that over the last four weeks Three has seen an increasing level of attempted handset fraud.
"To date, we have confirmed approximately 400 high-value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity," Mr. Carter said.
"This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices."
Three men have been arrested in connection with the breach at Three, the National Crime Agency said Friday.
A 48-year-old man from Kent, southern England, and a 39-year-old man from Manchester, northern England, were arrested on suspicion of computer misuse offences, and a 35-year-old man, also from Manchester, was arrested on suspicion of attempting to pervert the course of justice, the NCA said.
All three have been released on bail pending further enquiries, a spokesman said.