back to article Three CEO confirms hack, 133,827 customers were exposed

The CEO of UK carrier Three Mobile has confirmed that a customer database was compromised by hackers and more than 130,000 customers have had their account data exposed. David Dyson says that the hackers, believed to be two men from Kent and Manchester, had indeed accessed the customer directory and used the information – …

  1. Anonymous Coward
    Anonymous Coward

    and for that I sincerely apologize

    I can appreciate that for a man paid, what...£500k a year, that's an onerous task, saying sorry (without admitting liability, natch). But what if his customers are British and want him to apologise?

    I say hanging's too good. Public drowning in a washing up bowl full of cold porridge, that's what's needed. Do it at the Institute of Directors on Pall Mall, and you'd find that suddenly British companies started to take data protection seriously.

    1. Anonymous Coward
      Anonymous Coward

      You should be publicly drowning the thieves in cold cold porridge. Are you going to drown yourself if you have your wallet lifted when going for a stroll down Oxford Street because you hadn't nailed it to your leg ?

      If you want to blame somebody for negligence, blame the tech industry for serving up insecure hardware, C and all OS's. These systems had their basic design work established in the 70s and 80s which now need redesigning from the ground up to meet modern security requirements with no backward compatibility.

      1. Anonymous Coward
        Anonymous Coward

        You should be publicly drowning the thieves in cold cold porridge

        Good point. Use the same bowl, do the crims first, and after a couple you'd have a bowl full of "Porridge Plus" (tm). Then the corporate idiots who allowed the data to be hacked could be treated.

        In all corporate data leaks the fault still lies squarely with the company who manage the database. Even if the software has vulnerabilities, the company could have chosen not to use it, or put in proper mitigations and protections, in this case they didn't do that. If Fort Knox had as a main front door a cheap and flimsy UPVC affair, when the place got raided it wouldn't be the fault of the door maker, would it?

  2. VinceH
    Joke

    Optional

    Well, let's hope TalkTalk are put before the beak and get all they deserve over this!

  3. Anonymous Coward
    Anonymous Coward

    All that and all they managed to do was steal 8 phones! 8 phones which would have had their IMEI numbers blocked post immediately. They would have been far better to ask the data to a mobile phone business that could have called them and legitimately offered upgrades (legitimately if you ignore how they got the data). That kind of data would be worth s fortune to them.

    1. Anonymous Coward
      Anonymous Coward

      Accessing 133k records does seem like a lot of work to get hold of 8 phones. Wouldn't be surprised if the culprits were caught by their high productivity on the system.

  4. John Brown (no body) Silver badge
    Joke

    So...

    At least he didn't say "...only a small number of customers were affected." or apoligize[sic] "...for any inconvenience that MAY have occurred".

    1. Richard 12 Silver badge

      Re: So...

      They're learning!

      Perhaps they may even become sentient, given enough time.

  5. David Roberts

    Inside job?

    No information on how the data was obtained. I would guess this kind of crime isn't a natural hacker target so possibly 3 worker trying for a bit extra on the side?

  6. Anonymous Coward
    Anonymous Coward

    No penalty

    We dont care about your data. Why should we invest in better IT when there exactly zero financial loss as a result. Time for governments to give us rights over our data. But I'm not holding my breath.

  7. BebopWeBop
    Facepalm

    For gads sake they were not hackers!

  8. Mephistro
    Unhappy

    "...it is believed that the information was only used for the phone upgrade schemes and there have been no reports of other attempts to use or sell the lifted customer information"

    If the data hasn't been offered for sale or already sold to other miscreants, it'll probably be soon.

    1. Voland's right hand Silver badge
      Devil

      Not necessarily.

      This sounds like an insider job with the data being used for a ridiculously stupid scam envisioned by Dumb and Dumber.

      So it is quite possible that all interested parties are already packed and in the bag before the data was resold on the market.

      In fact, if they were not so terminally Dumb, they would have made more money reselling the data then buying 8 phones (even if those were platinum plated ones).

  9. Anonymous Coward
    Anonymous Coward

    Tie data loss to Exec bonuses

    Data loss?

    All the Execs get 0 bonus that year.

    Another data loss?

    No bonuses and half pay for Execs.

    Not that it would slow them down much.

  10. Asylum_visitor

    It's ok they didn't get your payment information....just enough information for them to order you a new credit card!

  11. Timmy B

    I agree with Asylum_visitor. I queried three to find out if I am on the list but they wouldn't tell me as I am not one of the few that have been involved in the actual upgrade interception. They seem to think that having my information including name, address, telephone number, date of birth and "other non-financial" information leaked like this has no effect on me, I understand stuff like this will always happen whilst people have access to useful information at any level and am not going to make a big issue. What I don't understand is the uppity attitude of the person on the phone....... sigh..... minor rant over.

  12. Mark C 2

    Vote with your feet. Terminate the contract and go to one of the others that haven't *yet* had had a breach. If they lose customers in droves the market will take notice.

  13. Aqua Marina
    Coat

    3 CEOs?

    I read the article end to end, but couldn't find anything said about the other 2!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like