The U.K telecom major Three has suffered a massive data breach compromising sensitive information of millions of their subscribers. As per experts, the attack on Three is one of the largest successful hacks to ever happen in the U.K.
In the breach, the hackers have gained access to the upgrade database of Three that contains the personal information including the contact numbers of the millions of its customers. However, what is not clear is whether the database contains only the existing customers or the previous customers as well. If it turns out to be having the details of the previous customers as well, who no longer are the subscribers of Three, then the magnitude of breach is going to be much more than what is being anticipated as of now.
How did the attack happen?
Well, the exact details are not known as of now but it is being alleged that the hackers stole the login credentials of an employee and used that to gain access to the system. A favorable outcome for the hackers because of the modus operandi adopted by them is that it helped them sneak quietly into the database without anybody noticing them. After gaining access, the hackers manipulated the database and sent the high-end upgrade handsets to their own servers.
As per Three, the hackers did gain access to personal details including names, phone numbers, addresses, date of birth, email addresses. But the company is silent on the question whether hackers stole this data or not.
How do I get to know if hackers have stolen my information?
As per the information released by Three till now, the prepaid subscribers were at no risk. However, for the post-paid subscribers the company has asked the concerned customers to ring them up on 333 from a Three mobile phone or 0333 338 1001 from any other phone to know if their details were stolen.
If hackers have stolen my information, what should I do?
If you are one of the unlucky subscriber whose information has been stolen by the hackers, then you need to be alert against identity theft. As per Three, the database did not contain any financial information and details of credit cards and debit cards. However, a lot of your personal information has been stolen by the hackers that can be used by them to conduct financial fraud against you. Also, you should immediately change your passwords of all email, online banking, social media accounts and others. This is because hackers can use your personal information to guess your password. More so, they can also crack your security question and change your password. Make sure you have activated two-factor authentication on all your accounts. That would enable an added layer of security. Beware of phishing links that hackers may email or text you disguised in one form or the other. Also, you should convey to your bank that your details have been stolen and ask for security assurance from your bank.