Technology

Hacker steals data of 2m Vodafone Germany customers

Names, addresses and bank account numbers among the data compromised in attack

The personal details of around two million Vodafone Germany customers were compromised after a hacker gained access to one of the network’s servers. Photograph: Chris Ratcliffe/Bloomberg

Thu Sep 12 2013 - 15:24

A hacker has stolen the names, addresses and bank account numbers of about 2 million customers of Vodafone Germany, the company confirmed.

The mobile operator warned customers to beware that criminals may now try to elicit other information such as passwords.

The company, which has around 32 million clients in Germany said today that the hacker, who had gained access to one of its servers, had not obtained any passwords, security numbers or connection data.

“It is hardly possible to use the data to get direct access to the bank accounts of those affected,” the mobile phone network operator said in a statement.

READ MORE

But it warned customers that criminals could launch so-called “phishing” attacks, using fake e-mails, to try to trick them into revealing more details.

“This attack was only possible with the utmost criminal energy as well as insider knowledge and happened deep within the IT infrastructure of the company,” Vodafone said.

A source close to the company, who declined to be named, said the investigation was looking into a person who was working for a sub-contractor for Vodafone’s administration system.

Privacy and personal data are sensitive issues in Germany due partly to a history of heavy surveillance of citizens in the former communist East and under Nazi rule.

There has also been public indignation over reports of US snooping based on documents leaked by fugitive former National Security Agency contractor Edward Snowden.

The scandal unleashed by Mr Snowden, which has filled German newspapers for weeks, has become a major headache for Chancellor Angela Merkel ahead of a September 22nd election.

“This may well be one of the largest cases of personal data thefts for German customers,” Mikko Hypponen, chief research officer at internet security company F-secure told Reuters.

In a previous major international case, which also involved Germans amongst others, data was stolen more than two years ago from almost 80 million user accounts of Sony’s PlayStation Network.

And in 2009 in the United States, a hacker called Albert Gonzalez pleaded guilty to stealing tens of millions of payment card numbers by breaking into corporate computer systems at companies such as 7-Eleven and Target.

Vodafone said it was working with police to investigate the matter and had sealed the ports the hacker had used to access its servers.

A special cybercrime unit in the state of North Rhine-Westphalia has taken the lead in the case, the public prosecutor said. (Reuters)

LATEST STORIES