Three’s recent data breaches have caused a rippling effect for many customers.
The newest of the breaches caused some customers to be without texting and telephone functions on 22nd April 2017, and also led to some texts going to totally random people rather than the intended recipients.
We have already taken cases on where personal text messages ended up in the inbox of someone totally random, and social media was filled with complaining customers asking for explanations.
The network provider admitted to a cyber-attack which put 6 million customers’ private information at risk in 2016, and Three were also subject to a ‘fresh’ breach back in March this year. Customers logged into their online accounts to find that they were presented with names, addresses, phone numbers, and call histories of strangers.
It seems evident that Three failed to keep their customers’ personal details safe.
New data breach: 22nd April data breach
Three said that it experienced a “temporary works issue” which affected its service in the afternoon and evening of the 22nd April 2017. There just seems to be problem after problem for the “UK’s number 1 network provider”.
Many customers reported that they received misdirected texts or texts from unknown numbers. This appears to be as a result of the service disruption that occurred on Saturday 22nd April.
Three also advised customers to ignore all text messages that are deemed to be incorrect. However, many customers took to Twitter to complain about Three’s service and how their texts were being sent to random numbers instead of their contacts.
Twitter rants
One customer, Tom Turner, posted a screen shot of the random message that he received along with the caption: “love receiving random texts from Welsh birds saying ‘Found sweetcorn'”.
Another customer didn’t quite find Three’s breach to be as humorous. Jen Davies vented on Twitter: “shocking breach of privacy today @ThreeUK… shame on you… along with 11hrs of no service…”
Another customer posted a screen shot of a message they had received from a random user saying “who is this”. Kimmy questioned the legitimacy of Three’s breach saying “@ThreeUK is this acceptable? #ThreeUK #whoisthis? #bigerror”.
It’s evident that Three aren’t up to scratch with their cyber-security; with this incident being the third one in recent times.
Service restored
On 23rd April the network provider assured that the calls service had been restored, but they were working to restore a full service. Three said they’re currently investigating the cause of the service disruption and apologised for any inconvenience. They also noted that if the services hadn’t been resumed, “customers may need to restart their phones if they are still experiencing any issues”.
Greater emphasis on cybersecurity needed
It’s all well and good that Three has apologised for the breach, but that’s not enough. As data controllers and the “UK’s number 1 network provider”, they have the responsibility to ensure that their customers’ data is safe and secure. Following on from the initial breach in 2016, you’d have thought they would’ve placed greater emphasis on the cybersecurity; especially as 6 million of their 9 million customers were initially thought to have been affected…