According to reports from UK media, Three Mobile was breached by hackers who, according to the National Crime Agency (NCA), gained access to a database data containing account details from six million customers.
The publications They do not report that payment information such as card numbers were stolen, but the hackers gained access to customer names, addresses, phone numbers, and dates of birth.
It is believed that the hackers who used the database to discover the customers who were entitled to upgrade the device with a subsidy. Then the items were changed in orders for new phones to go to their own addresses, earning enough money from their resale.
Three Mobile has seen an increase in phone theft devices from upgrades lately, of which at least eight cases (device upgrades) were stolen when shipped to the recipient. Increases were also noticed in thefts made at retail outlets.
The National Crime Agency (NCA) arrested two men, one from Orpington, Kent, and one from Ashton-under-Lyne in Manchester, with charges involving Three Mobile computer fraud. He also arrested a third person for obstructing investigations.
Such scams are not unknown. In 2014, employees of a company that worked with AT&T were found to have stolen account information to unlock and resell stolen phones.
Earlier this year, another mobile operator in the United Kingdom, TalkTalk lost more than 60 million pounds as a result of a violation of 2015 and exposed account data from 156.000 customers.