Vodafone says hacker steals data of 2 million customers in Germany

[Lee J <lee () riskbasedsecurity com>]

http://www.bloomberg.com/news/2013-09-12/vodafone-germany-hacker-accesses-2-million-clients-banking-data.html

An intruder hacked into a Vodafone Group Plc
(VOD)<http://www.bloomberg.com/quote/VOD:LN> server
in Germany <http://topics.bloomberg.com/germany/>, gaining access to 2
million customers’ personal details and banking information.

A person with insider knowledge stole data including names, addresses,
birth dates, and bank account information, the world’s second-biggest
mobile-phone carrier said in a
statement<http://www.vodafone.de/unternehmen/presse/aktuelle_pm.html>
today.
The hacker had no access to credit-card information, passwords, PIN numbers
or mobile-phone numbers, Vodafone said.

The attack was detected by Vodafone at the beginning of September, stopped
and reported to the police, Kuzey Esener, a Vodafone spokesman, said.
Clients can check on Vodafone’s German
website<https://www.vodafone.de/privat/hilfe-support/kundeninformation-sind-meine-daten-betroffen.html>
to
see if they are affected, and will also be informed by mail, he said. While
the data stolen does not allow criminals to access bank accounts, Vodafone
will warn clients of the possibility of so-called phishing attacks, he said.

Vodafone, based in Newbury, England <http://topics.bloomberg.com/england/>,
is the latest high-profile company to announce a security breach. Last
month there were hacker attacks on Google Inc.
(GOOG)<http://www.bloomberg.com/quote/GOOG:US>,
Twitter Inc. and the New York <http://topics.bloomberg.com/new-york/> Times.
KT Corp., South Korea’s largest phone and Internet company, fell the most
in seven months in July last year after saying customer data were leaked by
hackers.

Vodafone shares fell 0.8 percent to 208.40 pence at 10:40 a.m. in London,
giving the company a market value of 101 billion pounds ($158 billion).

Vodafone said the incident only affects clients in Germany. Authorities
have identified a suspect, Esener said. He didn’t say whether the suspect
was an employee or an outsider.

Germany contributes more to Vodafone’s revenue and profit than any other
country. It accounted for about 18 percent of
sales<http://www.bloomberg.com/quote/VOD:LN> in
the fiscal year ended March 31. The company is trying to conclude a 7.7
billion-euro ($10.2 billion) takeover of Kabel Deutschland Holding AG,
Germany’s biggest cable company, to expand in the country and increase
customer loyalty with packages combining phone, Internet and TV services.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

o()xxxx[{::::::::::::::::::::::::::::::::::::::::>
# InfoSec Builders, Breakers and Defenders - Time Square, New York City  18-21 November
# OWASP AppSecUSA 2013  -   http://www.appsecusa.org
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.