Vodafone Breached Days After TalkTalk

Vodafone Breached Days After TalkTalk

Days after TalkTalk was breached, Vodafone is now admitting that they were attacked as well in what Sky News is reporting as a separate attack. CNBC is reporting that 1,827 accounts had been accessed in the hack. This is the second cyber attack on a British telecoms company this month.

According to Ars Technica UK, Vodafone says customer credit card details were not accessed, except for the last four digits of card numbers. Names and telephone numbers may also have been obtained by the attackers. Only a handful of those affected in the Thursday morning attack had seen any attempts to use their data for fraudulent activity on their Vodafone accounts (Reuters)

Our Analysis

For the second time in less than a month, British telecoms have been targeted. As more updates come from the TalkTalk investigation, a few arrests have been made. 3 teenagers have been arrested in the attack. It is believed that this is a separate incident and not in connection with TalkTalk. Both TalkTalk and Vodafone opens up customers to fraud and potential phishing attempts to gain information. A potential criminal could contact a customer and if they are unaware that they may have been compromised, then they could leak all of their information.

Per The Guardian, These customers’ accounts have been blocked and affected customers are being contacted directly to assist them with changing their account details. They have also contacted the banks of the affected customers to alert them. This is the best starting point to alert their customer base to inform them of the breach and to monitor their accounts for any suspicious activity. Vodafone began an investigation and informed the National Crime Agency, Ofcom and the Information Commissioner’s Office on Friday night. The information obtained by the criminals cannot be used directly to access customers bank accounts.

Other High Profile Breaches:

TalkTalk
Experian (includes T-Mobile)
Scottrade
Trump Hotels
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison
Ashley Madison (follow up)


Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Be sure to subscribe to this blog and to our Podcast.

If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.

References

CNBC
Reuters
Ars Technica UK
The Guardian
Sky News
Our report about TalkTalk


Enter your email address:


Delivered by FeedBurner


Subscribe to our mailing list

* indicates required







About Scott Entsminger

Scott Entsminger was born and raised in Virginia. He graduated from Radford University with a Bachelor’s of Science in Criminal Justice. Scott has worked for the Department of Defense since graduating college. He is an expert in Windows Administration; with specific experience in Group Policy and vulnerability remediation. He also has specific experience in Information Assurance (IA) and Cyber Security. Scott holds the CompTIA Security+ certification. He is always looking to diversify his skillset. Scott is an avid sports fan, particularly baseball. He also is an avid gamer and enjoys learning different skills involving his PC.