November 2nd, 2015, 19:02 PM
Vodafone Breach Exposes Nearly 2K Users
Another day, another British telecom hack: Vodafone UK last week suffered a breach that affected nearly 2,000 customers.
Names, phone numbers, and bank details of 1,827 subscribers were snatched between midnight on Wednesday and midday Thursday.
No credit or debit card numbers were obtained, however, and whatever information was acquired cannot be used to directly access customers' bank accounts. There is still a chance of fraud and phishing attacks, though.
User accounts were blocked on Friday evening, and all affected subscribers and banks were contacted over the weekend.
Hackers weaseled their way into Vodafone's system using email addresses and passwords acquired from an unknown external source. The company's servers, meanwhile, were not compromised.
"Our investigation and mitigating actions have meant that only a handful of customers have been subject to any attempts to use this data for fraudulent activity on their Vodafone accounts," a company statement said.
The news comes just after U.K. ISP TalkTalk was hit with a "significant and sustained cyber attack" on Oct. 21. The company initially said the breach put customers' personal data in jeopardy, but later clarified that the accessed data "is not enough on its own to take money from your bank account."
Two teens were arrested last week in connection with the TalkTalk hack—a 15-year-old from Northern Ireland and a 16-year-old from London.
On Saturday, the Metropolitan Police made a third arrest, taking into custody a 20-year-old man from Staffordshire, on suspicion of Computer Misuse Act offenses. He has been released on bail, pending further charges.
Detectives continue a joint investigation with the Police Service of Northern Ireland's Cyber Crime Center (CCC) and the National Crime Agency (NCA).