Customers of Lyca Mobile may have had their personal information exposed following a cyberattack. The breach happened after hackers broke into the mobile operators’ systems. While not confirmed, it is thought this might have been a ransomware attack.
Lyca Mobile has not said how many customers were affected by the incident, but thousands of people could be at risk following the breach.
According to Lyca, the compromised data may include:
According to Tech Crunch, Lyca declined to comment on what type of encryption it uses when asked. In addition, it is not yet known if the criminals accessed/stole the company’s encryption keys.
After the Lyca data breach, the mobile operator has advised affected customers to:
Worryingly, while Lyca Mobile first became aware of this data breach on 30 September 2023, it took until mid-October to start informing affected customers. By not letting customers know immediately, Lyca Mobile left them at a very high risk of further cyberattacks, fraud and identity theft.
Victims of data breaches often become the target of cybercriminals and similar privacy violations have resulted in fraud, blackmail, and identity theft. As such, Lyca Mobile customers are at high risk of being targeted by cybercriminals and should take immediate steps to protect themselves.
Our data protection experts have provided some guidance on how to do this.
Lyca Mobile, which operates on EE’s network, discovered that it had experienced a data breach. The security violation happened after unauthorised individuals gained access to it systems and personal customer data was compromised in a cyberattack.
The list of potentially compromised data includes customer:
In a notification to customers, Lyca Mobile said:
“Following investigations carried out as a result of disruption to our network, it has become clear that Lyca Mobile UK Limited has been the victim of a systems cyber attack. We are working around the clock to ensure that the impact to our customers is minimised.
Lyca Mobile first became aware of this on 30 September and took immediate action to contain the incident, which included isolating and shutting down systems where appropriate. We also instructed leading security and other experts to help us investigate and minimise any impact on your data including the period during which we recover our systems. We have also notified and are in discussions with all of the relevant regulatory authorities.
It will take some time to fully complete our investigations and carefully restore all of our systems, but it is now clear to us that the attackers have accessed at least some of the personal information held in our systems. We now believe this includes at least some customer data.”
If your details were put at risk, Lyca Mobile should write to you to let you know.
Anyone who thinks they might be involved should take immediate steps to protect themselves.
KP Law has some of the most skilled data breach lawyers in England and Wales. Here are just some of our success stories.
KP Law is a founding member of the Collective Redress Lawyers Association (CORLA). CORLA aims to improve access to justice for claimants by way of collective redress.
