Some Hackers from United Kingdom have been accused to get into Three UK’s database to steal customer data in order to “steal” their upgraded mobile phones from them. THREE UK is United Kingdom’s largest Telecom Provider Company covering around 80% of UK’s population at present with their services. According to THREE, the database included names, phone numbers, addresses, and dates of birth. Hopefully there was no financial information about their customers stored by them in their systems according to the firm.
According to THREE, the penetration was performed by making use of an employee’s Login ID rather than making use of any exploit to get into company’s loopholes. Also the company states that over past three four weeks they are experiencing “an increasing level of attempted handset fraud.”
The frauds include getting into the company stores and then showing customer data and then requesting for an “upgraded Smartphone” as per THREE’s company plans and subscriptions.
A Company spokesman stated about this matter, “To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity. The investigation is ongoing and we have taken a number of steps to further strengthen our controls. In order to commit this type of upgrade handset fraud, the perpetrators used authorized logins to Three’s upgrade system. This upgrade system does not include any customer payment, card information or bank account information.”
According to local news three of the alleged have been arrested by the police, one from Kent and the other two from Manchester. Going in depth in the matter, according to the police two were arrested because of suspicion of computer misuse offenses, while the third one was arrested on suspicion of attempting to “mock” the course of justice.The firm they still have to inform their customers in UK about their compromised data.