Three has experienced a new data breach after what appears to be a technological error caused users to be shown the account information of other subscribers.
The compromised information includes the names, addresses, dates, and births of those eligible for smartphone upgrades.
The My3 mobile app reportedly allowed those impacted to view other people's phone numbers, call histories, and bills.
TPRM report: https://scoringcyber.rankiteo.com/company/threeuk
"id": "thr92315722",
"linkid": "threeuk",
"type": "Data Leak",
"date": "03/2017",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Telecommunications',
'name': 'Three',
'type': 'Telecommunications Company'}],
'attack_vector': 'Technological Error',
'data_breach': {'personally_identifiable_information': ['names',
'addresses',
'dates of birth'],
'type_of_data_compromised': ['names',
'addresses',
'dates of birth',
'phone numbers',
'call histories',
'bills']},
'description': 'Three has experienced a data breach due to a technological '
'error that allowed users to view account information of other '
'subscribers, including names, addresses, dates of birth, '
'phone numbers, call histories, and bills.',
'impact': {'data_compromised': ['names',
'addresses',
'dates of birth',
'phone numbers',
'call histories',
'bills'],
'systems_affected': ['My3 mobile app']},
'title': 'Three Data Breach',
'type': 'Data Breach'}