CyberCrimeSecurityWorkspace

NatWest Warns 600,000 Customers Over Three Hack

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

Follow on:

Natwest has contacted customers it believes could have been affected by the Three data breach

NatWest has warned its customers to remain “vigilant” following the recent data breach at Three.

On November 18, Three CEO Dave Dyson admitted that his company’s database of six million customers had been unlawfully accessed with personal data of 133,827 obtained by hackers.

Stolen data

He confirmed that information, such as names and addresses, were accessed, but reassured customers that no bank details, passwords, PINs, payment information or credit/debit card information were stored on the breached system.

data security breachNatWest has subsequently contacted 600,000 of its own customers, whom it believes could have been affected by the hack after examination of their direct debits.

The British retail and commercial bank reminded customers that it never requests personal details such as a full password or PIN.

Its note to customers read: “We can see you’re a customer of Three.

“We know Three have contacted those affected by the data breach issue last week, but we want to remind you that as your bank we’ll never ask you for details like your PIN or full password.

“Remember to always be vigilant for suspicious emails, texts or phone calls and don’t let anyone access your online banking.

“Find out more on our website by searching ‘Security Centre’ or if you have any concerns, please contact us.”

Three believes the hackers’ intentions were to steal handsets rather than to monetise customer data directly.

Dyson said: “On November 17, we were able to confirm that eight customers had been unlawfully upgraded to a new device by fraudsters who intended to intercept and sell on those devices.

“We believe the primary purpose of this was not to steal customer information but was criminal activity to acquire new handsets fraudulently.”

A NatWest spokesman said: “We’ve been reminding our customers who have a direct debit with Three that we will never ask for their PIN or full password, and to be vigilant for suspicious emails, texts or phone calls.

“While we have been contacting specific customers in this instance, we regularly send the same advice to all our customers to help them spot fraudulent contact attempts and help keep their money safe.”

How much do you know about the world’s most famous hackers? Try our quiz!