The BBC’s Information & Technology correspondent Rory Cellan-Jones said the email addresses and passwords criminals used to find their way in Vodafone accounts appeared to have been bought on the dark web.
Vodafone said it observed attempts to access customer account details between mid-night on Wednesday and noon on Thursday, when it started an investigation. The company also warned customers to be on their guard for “phishing” attempts by the criminals, whereby they will contact those people whose details they have partly acquired in a bid to convince them to hand over their security details.
Hackers may have obtained the bank details of almost 2,000 Vodafone customers, according to the company.
A “handful” of customers have been subject to fraudulent attempts on their accounts, Vodafone said. Banks have been put on alert for fraud and the National Crime Agency (NCA), the Information Commissioner’s Office (ICO) are working to identify the cause of a potential early leak and ensure that all necessary procedures are followed.
The details could not be used to access customer bank accounts but customers may at risk of fraud. 1,827 customers had their account accessed in the attack, but Vodafone insisted its systems were “not compromised or breached in anyway”. A Vodafone spokesman told the BBC the affected Vodafone accounts had been blocked and their banks notified.
The attackers had potentially gained access to the victims’ bank sort codes and the last four numbers of their bank accounts, along with their names and mobile telephone numbers, a Vodafone spokesman said. “No other customers need to be concerned, as the security of our customers’ data continues to be one of our highest priorities”.
The company said yesterday that the attack was “significantly less than originally suspected” and fewer than 21,000 bank account numbers and sort codes were accessed. Two teenagers who were arrested over that incident – a 15-year-old boy from County Antrim in Northern Ireland and a boy aged 16 from Feltham in west London – were released on police bail.
Vodafone U.K. said on Saturday hackers had accessed the accounts of 1,827 of its customers this week, the second cyber attack on a British telecom company this month. The attackers had potentially gained access to the victims’ bank sort codes and the last four numbers of their bank accounts, along with their names and mobile telephone numbers, a Vodafone spokesman said. “This incident was driven by criminals using email addresses and passwords acquired from an unknown source external to Vodafone,” he added in a statement.
Only a handful of those affected in the Thursday morning attack had seen any attempts to use their data for fraudulent activity on their Vodafone accounts. “No credit or debit card numbers or details were obtained. However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts,” the spokesman said.
The company was contacting all those involved and that other customers need not be concerned, he said. Last week broadband, TV, mobile and fixed-line service provider TalkTalk said it had been hacked, potentially putting the private details of its 4 million customers into the hands of criminals. Less than 21,000 unique bank account numbers and sort codes had been accessed. Two teenagers have been arrested in connection with that attack.