1,827 Customers At Risk
About 1,827 Vodafone customers have had their personal data exposed to a unknown source. Though Vodafone have said that there core system is safe and not breached in anyway. Vodafone said that full credit card data were not obtained and only partial, which the firm says it makes them useless. All the exposed accounts have been blocked and the firm is contacting customers to verify there accounts. It seems the accounts were breached by customers using the same “weak” passwords on multiple websites.
the attack, which occurred between midnight on 28 October and midday on 29 October, has affected customers who are now at risk of fraud and phishing attempts.
“We would like to make clear that only the 1,827 customers, who have all been contacted, have been affected by this incident. No other customers have been affected or need to be concerned, as the security of our customers’ data continues to one of our highest priorities,” Vodafone said.
Ryan Wilk, director at NuData Security, said
“Data thieves sell this information to aggregators, who cross-reference and compile full identities, called ‘fullz’, on the data black market. This increases the value and usefulness of the stolen data and is building countless identities for the fraudsters,” he said.
“With the amount of data on the black market, there is no end to the potential damage the fraudsters can do using the stolen data.
“While phone and wireless companies have recently been in the headlines, this trend is industry agnostic. Any company in any vertical where sensitive data is stored will be a target of hackers and criminals. While the loss of this data is an issue in and of itself, the secondary use of the stolen data should be a concern to every business.”
Brian Spector, chief executive of cryptography firm Certivox, said
“The advice that has for many years been repeatedly given to online services customers is to use complex passwords, which is useful, of course,” he said.
“Perhaps more importantly people should avoid using the same password for multiple sites. The human aspect of memorising all these different passwords is not to be underestimated: it’s simply too hard.”
