Three men have been arrested in connection with a data breach at mobile network Three.
According to the network names and address of customers eligible for upgrades had been accessed by hackers, allowing for devices to be “unlawfully intercepted”.
The National Crime Agency (NCA) confirmed on Wednesday a 48-year-old man from Orpington, Kent, and a 39-year-old man from Ashton-under-Lyne, Greater Manchester, had been arrested on suspicion of computer misuse offences with a third man - a 35-year-old from Moston, Greater Manchester - arrested on suspicion of attempting to pervert the course of justice.
Three is now investigating how many accounts were accessed by the hack but assured its nine million customers that the database which was accessed did not contain any payment, card or bank details.
“Over the last four weeks Three has seen an increasing level of attempted handset fraud,” said a spokesman. “This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices. We’ve been working closely with the police and relevant authorities.
“To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through upgrade activity. In oder to commit this type of upgrade handset fraud, the perpetrators used authorised logins to Three’s upgrade system.”
Since the hack the company has strengthened its data controls, contacting the eight victims of handset fraud. The three men have been released on bail pending further enquiries.
Last year telecoms company TalkTalk was victim of a high-profile cyber attack with 160,000 of its 4.2 million customers affected.