Home
 » ISP News » 
Sponsored Links

Vodafone Joins TalkTalk to Suffer Security Breach of 1,827 Accounts

Sunday, Nov 1st, 2015 (7:26 am) - Score 778

Vodafone has said that their security is “fundamentally effective” after they became the latest major UK telecoms operator after TalkTalk to be hit by a breach, which between 28th and 29th October 2015 resulted in 1,827 customers having their accounts accessed by cyber criminals.

Admittedly Vodafone’s situation is significantly different from TalkTalk’s. The latter found their website being exploited by hackers who discovered an SQL Injection exploit, while Vodafone states that the cyber thieves who got into their systems were able to use known login (email address) and password details that had been “acquired from an unknown source external to Vodafone“.

What Customer Details Have Been Exposed?

* The customer’s name;
* their mobile telephone number
* their bank sort code
* the last 4 digits of their bank account (no credit or debit card numbers or details were obtained)

At this point we are assuming that Vodafone has ruled out the possible use of a brute force attack, which would attempt to identify the main login and password details by trying lots of common and random combinations at the same time (this is usually made obvious via the server logs).

Instead Vodafone are able to claim that their “systems were not compromised or breached in any way” and their related “protocols were fundamentally effective,” although the login and password details still had to come from somewhere and on this front there is a clear lack of information. Some reports suggest that they were purchased on the so-called dark web, but that still doesn’t explain how they came to be there in the first place.

On top of that Vodafone says that the problem could have been worse had their own “investigation and mitigating actions” not been effective, which they say meant that “only a handful of customers have been subject to any attempts to use this data for fraudulent activity on their Vodafone accounts.” This suggests that the operator knows more than they’re currently able to say.

Vodafone Statement

The information obtained by the criminals can not be used directly to access customers’ bank accounts. However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts.

These customers’ accounts have been blocked and affected customers are being contacted directly to assist them with changing their account details. We have already contacted the banks of affected customers to alert them to the situation and they are following established procedures in order to protect customers.

It is not necessary for customers to contact their bank directly to inform them of the incident. We will also be loading customers’ details into the Credit Industry Fraud Avoidance Service (CIFAS) database, which will ensure that bank or mobile operators will make additional checks to avoid fraud.

The operator has also notified both Ofcom and the Government’s Information Commissioner’s Office (ICO) of the breach. Meanwhile an investigation has been started by the National Crime Agency and related police forces.

Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £24.00
132Mbps
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
109Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £15.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
150Mbps
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (5473)
  2. BT (3505)
  3. Politics (2525)
  4. Openreach (2291)
  5. Business (2251)
  6. Building Digital UK (2234)
  7. FTTC (2041)
  8. Mobile Broadband (1961)
  9. Statistics (1780)
  10. 4G (1654)
  11. Virgin Media (1608)
  12. Ofcom Regulation (1451)
  13. Fibre Optic (1392)
  14. Wireless Internet (1386)
  15. FTTH (1381)

Helpful ISP Guides and Tips

Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon