Three UK Incident

21 Nov 2016 12:50 PM

Three UK incident and related NCSC Guidance.

Three UK have confirmed an incident that they estimate affects around 134,000 customers and are contacting them directly with advice and support. In cases like this there is the possibility of secondary fraud where criminals use other methods including phishing attempts to commit other crimes.  Advice on minimising this risk can be found here.

A criminal investigation is now underway under the leadership of the National Crime Agency (NCA) with three people arrested in connection to the incident.

The National Cyber Security Centre (NCSC) has been working with the NCA and Three UK to investigate the incident.

As the national authority on cyber security, the roles of the National Cyber Security Centre in an incident of this kind are to:

• Provide all possible support to law enforcement;
• Work with the company concerned to manage the incident and bring it to a conclusion;
• Investigate the root causes of the incident and factor in any lessons learned to future guidance and policy on cyber security.

In the case of cyber related attacks, it can, on certain occasions, take a significant period of time to understand the incident given the technical complexities involved. And it is vital that nothing is said publicly that could interfere with law enforcement inquiries.