Three Mobile has said that 76,373 more customers were affected in the data breach revealed by the Telegraph last year.
The figure brings the total number of people whose information was compromised by cyber criminals to 210,200, up 57 per cent on the company’s initial estimates.
Fraudsters managed to gain access to the upgrade database in Three’s computer system, which included the names, phone numbers, addresses, dates of births, payment method and some email addresses of hundreds of thousands of customers.
Criminals allegedly accessed the database using stolen login details from Three employees. They used information from the system to trick the mobile company into sending them high-end upgrade handsets meant for customers to an address where they could intercept them.
The company, which came under fire for failing to alert customers about the breach in a timely manner, has now admitted that more people could have had their details compromised.
“We have continued to work closely with law enforcement to support the ongoing investigation. During the course of the investigation, additional files were recovered as part of the same activity which we have analysed,” said Three.
Although the attackers didn’t have access to financial details or passwords, Three warned customers that the information gleaned could be used for further scams, such as phishing attacks.
“We ask customers to be cautious about anyone contacting them,” it said. “As always, customers should never give out any banking information.”
The company has contacted affected customers and said it will deal with requests to terminate contracts on a case by case basis.
The network advised concerned customers to call 333 on a Three mobile phone or 0333 338 1001 from another phone to get more information about the breach and whether their details may have been accessed.