BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Vodafone Germany hack hits two million customers

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 12 Sep 2013 12:25:21 -0600
http://www.bbc.co.uk/news/technology-24063621

Personal details of more than two million customers of Vodafone
Germany have been stolen by a hacker.

Vodafone said the attacker got access to customer names, addresses,
bank account numbers and birth dates.

The trove of information was stolen from a database sitting on the
company's internal network.

The operator said customers had been told about the breach and warned
to watch out for "phishing" messages that try to extract more personal
data.

"Vodafone deeply regrets the incident and apologises to all those
affected," the operator said in a statement.

Vodafone said it did not think that the attacker got hold of enough
information to plunder bank accounts because they failed to access
phone numbers, credit card details, Pins and passwords.

The German subsidiary of Vodafone did not say when the attack took
place but said it had been asked by police to delay notifying
customers as an investigation got under way.

A suspect has now been identified and his home searched, said
Vodafone, which meant it could now talk about the incident and inform
the two million victims. In total, Vodafone Germany has about 36
million mobile customers.

"This attack could only be carried out with high criminal intent and
insider knowledge and was launched deep inside the IT infrastructure
of the company," said the operator.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

o()xxxx[{::::::::::::::::::::::::::::::::::::::::>
# InfoSec Builders, Breakers and Defenders - Time Square, New York City  18-21 November
# OWASP AppSecUSA 2013  -   http://www.appsecusa.org
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: