Vodafone Says U.K. Customers Accounts Accessed by Hackers

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.bloomberg.com/news/articles/2015-10-31/vodafone-says-some-u-k-customers-accounts-accessed-by-hackers

Vodafone Group Plc. said criminals accessed customer account details,
including phone numbers and some bank details, in the second hacking attack
in just over a week on a U.K. phone carrier.

The company is contacting about 1,800 affected customers, Vodafone said in
a statement Saturday. The hackers accessed subscribers’ e-mail addresses
and passwords through a third party and Newbury, England-based Vodafone’s
own systems weren’t breached, the company said.

Vodafone said it noticed attempts to access customer account details
between midnight on Wednesday and noon on Thursday, when it started an
investigation. On Friday, the company notified the National Crime Agency
and Information Commissioners’ Office, which is responsible for guarding
personal data privacy in the U.K.

TalkTalk Telecom Group Plc said on Oct. 23 that its systems had been
attacked and that the provider of broadband and TV packages received a
ransom demand from hackers. Police have arrested two teenage boys and a
20-year-old man in connection with the hack, which may have exposed fewer
than 21,000 unique bank account numbers. At the time of the TalkTalk
incident, Vodafone said it had a team of security experts that monitor the
status of its network and computer systems “continuously” to keep customer
data safe.

Hackers may have potentially gained access to Vodafone customers’ names,
phone numbers and the last four digits of their bank account numbers. A
“handful” of customers have been subject to fraudulent attempts on their
accounts, Vodafone said.

Vodafone had more than 18 million mobile customers in the U.K. at the end
of June.

T-Mobile US Inc., Dixons Carphone Plc and Sony Corp. are among companies
that also have sustained hacking attacks in the past year. Adultery website
AshleyMadison.com was hit in July, and the perpetrators ended up releasing
information they said included details of more than 36 million users
including full names, e-mails and banking information.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!