Police arrest three men over Three data breach in phone fraud inquiry
- Credit: PA
Three men have been arrested after a data breach at the Three mobile network allowed fraudsters to steal phones.
The company said fraudsters had accessed personal data, including names and addresses, by using authorised logins to its database of customers eligible for an upgraded handset.
The fraudsters are then understood to have used the information to arrange for upgraded phones, believed to include iPhone and Samsung handsets, to be sent to eight customers before intercepting them.
On Wednesday, the National Crime Agency arrested a 48-year-old man from Orpington, Kent, and a 39-year old man from Ashton-under-Lyne, Manchester, on suspicion of computer misuse offences as well as a 35-year old man from Moston, Manchester, on suspicion of attempting to pervert the course of justice.
Three, which has nine million customers, said customers' financial information was not stored on the system while an investigation into the total number affected was ongoing.
You may also want to watch:
A spokesman for the firm said: 'Over the last four weeks Three has seen an increasing level of attempted handset fraud.
'This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices.
- 1 Murder investigation launched after woman found dead following house fire
- 2 11 Norfolk cafés perfect for outdoor dining
- 3 Vision for multi-million pound new Norwich venue revealed
- 4 Child taken to hospital after being pulled from the sea
- 5 Thieves swam across river to steal paddleboards from new firm
- 6 Murdered Norfolk mum's bravery has helped family through their darkest days
- 7 Police reopen road following earlier crash
- 8 Be lord of the manor: Site of forgotten mansion for sale for £2.3m
- 9 In pictures: England fans enjoy Euro 2020 win at Norwich fan park
- 10 'Be responsible' - coastguard issues warning after seven-year-old is rescued from sea
'We've been working closely with the police and relevant authorities.
'To date, we have confirmed approximately 400 high-value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity.
'The investigation is ongoing and we have taken a number of steps to further strengthen our controls.
'In order to commit this type of upgrade handset fraud, the perpetrators used authorised logins to Three's upgrade system.
'This upgrade system does not include any customer payment, card information or bank account information.'
The eight handset fraud victims had been contacted, the spokesman added.
The NCA said all three men had been bailed pending further enquiries.
A spokeswoman said: 'As investigations are on-going no further information will be provided at this time.'
It comes after telecoms giant TalkTalk fell victim to an attack on its website on October 21 last year which resulted in the personal data of nearly 160,000 people being accessed.
The Information Commissioner's Office fined the firm a record £400,000 last month for security failings that it said had allowed customers' data to be accessed 'with ease'.
The ICO said that in 15,656 cases, bank account details and sort codes had been accessed.