Company admits criminals could have seen names, telephone numbers and sort codes
Vodafone has confirmed that accounts of 1,827 of its customers were accessed by hackers.
The cyber attack happened between midnight on 28 October and midday on 29 October, the mobile phone operator said.
Vodafone is the second big-name UK telecoms company to be hacked in recent weeks.
TalkTalk hit the headlines two weeks ago when it revealed it had suffered its third cyber attack in eight months. TalkTalk subsequently admitted that almost 1.2 million customer email addresses, names and phone numbers.
Vodafone said that its hack had potentially given criminals access to customers names, mobile telephone numbers, bank sort codes and the last four digits of their bank account number.
It said its investigation found that “only a handful” of customers have been subject to any attempts to use the stolen data for fraudulent activity on their Vodafone accounts.
The company also stressed that no credit or debit card numbers or details were obtained.
Vodafone said in a statement: “The information obtained by the criminals cannot be used directly to access customers’ bank accounts. However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts.”
Vodafone said it has informed the National Crime Agency (NCA), the Information Commissioner’s Office and telecoms regulator Ofcom about the issue on 30 October.
It added: “We will now work with the NCA in their ongoing investigation.
“We would like to make clear that only the 1,827 customers who will be notified today have been affected by this incident: no other customers need to be concerned, as the security of our customers’ data continues to one of our highest priorities.”
Join the conversation and share your views with others on LinkedIn here
The Insurance Times Cyber Insight 2015 conference is uniquely focused on giving brokers and insurers the know-how they need to better protect their clients and develop their business. Find out more here