Three UK admits hack but says ‘financial details are not at risk’
Fraudulent activity detected
Update: Three has now confirmed 133,827 customer accounts were affected in the hack.
The hack was through the upgrade system so no bank details, passwords, pin numbers, payment information or credit/debit card have been accessed.
If you've been affected, Three should have contacted you already about what details could have been lost.
Original: Three customers are waking up to the news that hackers have potentially stolen some of their details in an attempt to illegally nab themselves high-end smartphones.
Early reports suggested details of up to six million customers could have been accessed by hackers who managed to force their way into the network’s internal upgrade database - although in reality it's likely to be less than that.
There are also claims that three men have been arrested in relation to the activity, which is thought to have been based around intercepting upgrade handsets and selling them on the black market.
Three UK has made a statement on its Facebook page, highlighting the issue but also attempting to reassure customers.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
“We’re aware of an attempted fraud issue regarding upgrade devices and are working with police and relevant authorities on the matter.
“The objective was to steal high-end smartphones from Three, but we’ve already put measures in place to stop the fraudulent activity."
Financial details are not at risk
The post continues: “We’d like to reassure customers that their financial details are not at risk. We are investigating how many customers are affected and will be contacting them as soon as possible. We’ll update with further information once we have this.”
TechRadar contacted Three to find out more information. The upgrade database doesn't hold any financial details, although customer names, date of births, addresses and phone numbers are all stored here.
It's worth noting that none of the information from the upgrade database was removed, only accessed using a password from an internal system.
We will have to wait for the police investigation to finish before exact details are revealed, including how many customers have been affected.
Three says it will contact those customers once the investigation has concluded.
John joined TechRadar over a decade ago as Staff Writer for Phones, and over the years has built up a vast knowledge of the tech industry. He's interviewed CEOs from some of the world's biggest tech firms, visited their HQs and has appeared on live TV and radio, including Sky News, BBC News, BBC World News, Al Jazeera, LBC and BBC Radio 4. Originally specializing in phones, tablets and wearables, John is now TechRadar's resident automotive expert, reviewing the latest and greatest EVs and PHEVs on the market. John also looks after the day-to-day running of the site.
18 Prime Video subscription add-ons are discounted for the holidays – here are the 3 I'd recommend getting
AMD RDNA 4 GPU rumors flood forth, including possible name change to RX 9070 – because bigger is better, compared to Nvidia’s RTX 5070?
A new Microsoft 365 phishing service has emerged, so be on your guard