Insider tied to Vodafone breach in which 2 million records were compromised

Police seize suspect's assets in wake of carrier's breach in Germany

An insider has been linked to a breach at Vodafone in Germany, resulting in the loss of 2 million records. According to Vodafone, there is a heightened risk of Phishing attacks against the impacted customers.

In a statement to CSO, a Vodafone spokes person said that a "sophisticated and illegal intrusion into one of its servers in Germany," and that the attack appears to have been executed by someone inside the company. An individual has been identified by the police, and their assets have been seized, but there was no further information available by deadline. Speculation by local media in Germany has pointed to a sub-contractor who worked with the telecom giant's administration system as the key suspect.

Vodafone has contacted all of the people impacted by this breach, the largest of its kind since the Sony incident two years ago that impacted 80 million people, adding that each person will get all the support necessary in order to minimize the risk of identity theft. The company also wanted to assure customers that only those contacted by Vodafone Germany were impacted by this breach.

According to Vodafone's statement, the compromised data includes names, addresses, birth date, gender, bank sort code and bank account numbers for approximately 2 million applications from individuals seeking to sign up with Vodafone Germany. None of the information stolen included credit card details, mobile phone numbers, passwords or PINs. Further, there was no access to any personal call information or browsing data.

However, the company says that there is also "a heightened risk that customers could be the victim of a 'phishing' attack under which criminals use personal information in a fake email to trick people into supplying further information online such as passwords or credit card numbers."

"We recommend that customers remain vigilant when asked for their personal information from an unknown party, be wary of any emails, calls or texts which warn of account problems, and ensure they regularly check for unauthorized direct debits from their bank account. We have also made arrangements for individuals to use an independent fraud protection service at no cost to them," the company said in a statement.

The attack was detected earlier this month, but law enforcement asked that notifications be delayed. Technical details on the breach were not disclosed. According to Reuters, a cybercrime unit in North Rhine-Westphalia has taken lead on the investigation.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.