Mass Vodafone hack hits two million users
Published: 12 Sep 2013 10:43 GMT+02:00
Updated: 12 Sep 2013 10:43 GMT+02:00
- Cyber thieves plunder 250,000 accounts (08 Aug 13)
- 'Serious security flaws' in Vodafone routers (06 Aug 13)
- Cashpoint criminals target hundreds of ATMs (10 Jul 13)
The cyber criminals also got their hands on customers' names, genders, birthdays as well as bank sort codes, account numbers and home addresses.
The attack was, Vodafone said, well-planned, with “possible inside knowledge used to get deep in the company's IT system.” There are no clues at this point to suggest who did it.
One suspect's house has already been searched, bosses confirmed, and a hunt is underway to track the hackers down.
Vodafone said hackers had not gained access to credit card details, passwords, PIN numbers, mobile phone numbers or transaction details, but bank account numbers were stolen. “We apologize to everyone affected,” it said in Thursday's statement.
It should not, the statement said, be possible for the hackers to access bank accounts with the data they obtained. But the information could be used to make fake email accounts to use in phishing attacks.
Bosses have advised customers to be “be very careful when asked over the phone or via email to give out personal information like passwords or credit card details.”
In August, Vodafone admitted that certain router models had serious safety problems, of which they were aware for months but said nothing. Whether or not the hackers gained data through this hole is not yet clear.