Three Mobile Hack: What’s Happened and What You Can do About it

What Happened?

Last week, Three mobile announced that the accounts of around 6 million customers had been compromised, after its systems had fallen victim to a recent hack.

The telecoms company admitted that an employee’s login had been illegally used to access its customer upgrade database, which had prevented the action from being initially identified as a hack.

The personal details of 6 million customers were stolen; including names, phone numbers, addresses and dates of birth. Three have stressed that no financial information was taken.

Experts have labelled the hack as being one of the largest of its kind, surpassing the attack on mobile competitor Talk Talk, which left the private details of 157,000 of its customers at risk. Last year’s hack cost Talk Talk £60 million, on top of the £400,000 the company was fined, which saw 95,000 subscribers leave the provider for fear of future breaches. Three could be in for an even harsher punishment, with the company potentially facing a fine of £500,000 (the maximum that the Information Commissioners Office can levy).

Three have spoken out about the attack, confirming that they were conducting a full investigation. So far, they’ve discovered that hackers have been using the data to access customer accounts to request mobile upgrades, before intercepting them and presumably selling the stolen mobiles off.

After being asked for further details Three explained: “Over the last four weeks Three has seen an increasing level of attempted handset fraud […] We have confirmed approximately 400 high value handsets have been stolen through burglaries, and eight devices have been illegally obtained through upgrade activity”

The National Crime Agency have been involved in investigations, having already arrested two people over suspected computer misuse, and one person for perverting the course of justice.

Government Chancellor; Philip Hammond has spoken out about the hack, stating that companies have a duty to protect their customers against acts of cyber criminality, and that many were failing to do so. Hammond spoke out about customers entrusting their personal details with online corporations: “Trust in the internet and the infrastructure on which it relies is fundamental to our economic future”.

How Could You be Affected?

Three has stated that customers on prepaid tariffs, or pay-as-you-go tariffs will not be affected by the hack. They have not yet gathered enough information to confirm whose details have been stolen, but they have suggested that even the accounts of previous customers may have been compromised.

Customers have been warned to keep an eye on their Three accounts in case hackers attempt to access them, and use them to illegally obtain devices. Victims appear to be most concerned about their personal details being sold online to other cyber criminals and scammers. These details could be used to convince people that phishing callers are legitimate company representatives. Victims could also see an increase in the number of phishing or spam emails they receive in the near future.

What Can You Do About it?

If you are a Three mobile customer, and you’re concerned that your account may have been compromised; then there are steps you can take to protect yourself against exploitation.

Contact Three

Since the announcement of the attack, Three have released a number that customers can call if they are concerned about the safety of their account. Customers can call 333 on their Three network mobile, or 0333 338 1001 on any other phone, to inquire about the hack and whether they may have been affected. Three have also promised that they will contact every customer affected by the attack, and will update them on their situation very soon.

Contact Your Bank

Despite Three assuring their customers that no financial details were stolen, many are still understandably worried about the safety of any bank accounts attached to their mobile tariffs. If you’re concerned about whether the hack has affected your finances, contact your bank and confirm the status of your accounts and the security attached.

Change Your Three Password, Pin and Any Associated Passwords

Three have already advised its customers to change their account passwords and pins, regardless of whether they think they’ve been affected. They’ve also said that if your Three password is similar to any of your other account passwords, to change those as well. Your account passwords should be as unique as possible, in order to prevent potential hacking. We advise the use of a good password manager; such as LastPass or Dashlane, to help create strong passwords.

Identify and Ignore Scam Calls and Emails

Since customers’ personal details have been compromised, those responsible may decide to sell these to other illegal operators for additional profits. This could mean that victims of the hack may experience an influx of phishing calls and emails in the next few weeks. If you do encounter a suspicious email in your inbox, then follow these steps to identify and avoid phishing emails. If you happen to receive a cryptic call asking for bank details; firstly, legitimate employees should not be asking for these kinds of details. Secondly, if you do receive a suspicious call, then be sure to directly contact the company they claim to be before doing anything.

Three could find it difficult to recover, after experiencing a hack of this scale. But their customers should be able to stay safe and keep their accounts secure, if Three react quickly and people follow the right steps. For more advice on mobile security, have a look at our other blogs.