Hackers steal bank details of 2 million Vodafone Germany customers

Hackers have gained access to a Vodafone Germany server and stolen the personal data - including bank account information - of two million customers.

In a statement, the telco says that the attacker managed to get hold of bank account numbers and sort codes, as well as names, addresses, dates of birth, gender information. Credit card numbers and PINs were not compromised.

Vodafone insists that it is "hardly possible to directly access the stolen data to the bank accounts" but tells affected customers to be vigilant about potential phishing e-mails designed to obtain additional information which could be used with the stolen data.

The attack was carried out with "high criminal energy" and "insider knowledge", says the statement, but was stopped as soon as it was discovered. Vodafone then called in in the German authorities and is now writing to all compromised customers.

Related Companies

Vodafone

Channels

Retail banking Security

Keywords

Mobile & online banking

Comments: (1)

Pat Carroll - ValidSoft - London 16 September, 2013, 13:40

Be the first to give this comment the thumbs up

0 likes

The news has broken that hackers have stolen the personal information of two million Vodafone Germany customers from one of the company’s servers. Some of this information includes confidential bank account details, and many of these customers are now at risk of fraudsters attempting to access their accounts. Although they may not have access to all the details they need to compromise the security of the customers’ accounts, they could soon get them, through tactics like email phishing and telephone vishing.

Fraudsters will always find ways of accessing our personal information. To really secure our money, we need to ensure that once hackers have this information, they can’t use it to access our bank accounts and authorise payments and transfers. Banks need to have the controls to prevent stolen information being used, even though they may never be responsible for the actual loss of the data. In today’s electronic world, the more places your bank account and card details are stored, the greater the risk of them being hacked.

The answer is robust authentication and transaction verification, relative to the bank’s perceived risk of the transaction. It must combine speed (real-time), strong security, efficiency and ease of use, while shutting down the scope for fraudsters to benefit from their crime.

Financial institutions need to step up and utilise more effective authentication and verification systems that can protect customers’ bank accounts when their personal information has been stolen.