BERLIN: Mobile phone operator Vodafone Germany said yesterday a hacker had stolen the personal data of two million customers, and that a suspect had been identified.
“This attack could only be carried out with high criminal intent and insider knowledge and was launched deep inside the IT infrastructure of the company,” Vodafone Deutschland said.
The stolen data included customers’ names, gender, birthdates and addresses as well as their bank account and branch numbers, but not their mobile phone numbers, passwords, PIN numbers or credit card details, it said.
This meant that the cyber-criminal had netted insufficient data to access clients’ bank accounts, said the company, a subsidiary of the British telecom provider of the same name.
It warned however of the risk of so-called “phishing” attacks in which fake emails try to trick customers into revealing their passwords. There was also a risk such data could be used by criminals to make online purchases, a spokesperson said, adding that victims would however have recourse to legal protection.
“Vodafone deeply regrets the incident and apologises to all those affected,” the company added in a statement.
Only mobile phone customers within Germany had been affected and would be contacted by mail. Vodafone Germany said it had discovered the attack a week ago, stopped it and reported it to authorities but had initially been asked not to make it public so as not to endanger a police investigation.
“They have now identified a suspect and searched his home,” said the company.
“In coordination with the authorities, Vodafone Germany is now fully informing all affected persons and supporting them in avoiding possible adverse effects.” AFP