Según la notificación que ha enviado Vodafone, The attack occurred in the first half of September and has resulted in the compromise of customers' personal details. The data includes subscription information, identity documents and contact information.
Fortunately, according to the same statement, It seems that neither the passwords nor the clients' own network traffic have been affected by the incident. They have also taken advantage of the statement to warn clients to stay alert for possible phishing attacks in the future.
The collaborating company, FourB, has also reported that they have limited access to the servers and implemented new security measures to prevent this from happening in the future.
On the other hand, An actor calling himself KelvinSecurity has posted the stolen data on a forum, which totals almost 300.000 files that weigh more than 300GB. El actor alegó que publicó la información para advertir a Vodafone de que lograron vulnerar sus sistemas pero finalmente se puso la información a la venta tras ser ignorados por la compañía.
Fountain: Bleeping Computer
Image: Flickr