Following investigations carried out as a result of disruption to our network, it has become clear that Lyca Mobile has been the victim of a cyber attack.We first became aware of issues over the weekend, which were preventing customers and retailers from accessing top-ups through our channels. It also impacted some national and international calling. The issues affected all Lyca Mobile markets apart from the United States, Australia, Ukraine and Tunisia.Our focus on our customers is paramount. We are working around the clock to ensure that the impact on them is minimised.Our number one priority is ensuring the safety and security of our customers’ data, and we are urgently investigating whether any personal information may have been compromised as part of this attack. We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts.As part of our rapid incident response, we have engaged 3rd party technical expertise to complement our internal expertise. Additionally, we are in close contact with the relevant regulatory and law enforcement authorities in each of our impacted markets, ensuring we fulfil all our obligations.The mobile telecommunication services affected by this attack have now been restored in all of our markets. There are some operational services that are yet to be fully resolved, but we are working hard to restore all functionality across all countries as quickly as possible.
Notification to customersFollowing investigations carried out as a result of disruption to our network, it has become clear that the Lyca Mobile entity that provides you services has been the victim of a systems cyber attack. We are working around the clock to ensure that the impact to our customers is minimised. Lyca Mobile first became aware of this on 30 September and took immediate action to contain the incident, which included isolating and shutting down systems where appropriate. We also instructed leading security and other experts to help us investigate and minimise any impact on your data including the period during which we recover our systems. We have also notified and are in discussions with all of the relevant regulatory authorities. It will take some time to fully complete our investigations and carefully restore all of our systems, but it is now clear to us that the attackers have accessed at least some of the personal information held in our systems. We now believe this includes at least some customer data, so we are writing to advise you to be vigilant in case of any suspicious activity. The main types of personal information which we hold in connection with our customers are set out below.Identification information: where you have given them to us we may hold your name, address, date of birth, alternative contact number and/or email address.Where provided to us, any identity information such as proof of address, copies of passports, identity cards or similar information that was provided to us as part of your initial verification when you purchased your phone service.If you have set up an online account, such as MyAccount, with Lyca Mobile then we may also hold a password for you. Our policy is to ensure that passwords are encrypted in our systems, but since we do not yet have full details of the cyber attack, please see the recommended actions below. Customer service interactions: some interactions between customers and our customer service team are recorded (having been selected at random) and those records are held for up to 60 days. If you have chosen to store a credit card in your online account then we will also hold the last four digits of your credit card number and its expiration date. The full credit card number will also be held, but will be encrypted for additional security and we consider the risk of any access to be very low. We do not hold the 3 digit CVV code in any form. We would also like to flag to customers that our number porting functionality has been affected by the attack on our systems. We are currently unable to provide users with PAC codes. We sincerely apologise for the inconvenience caused and are working around the clock to ensure this and all other functionality is restored as quickly as possible. Password resetsIf you have a Lyca Mobile password, then as an extra precaution we recommend that you reset that. If you use your Lyca Mobile password for other online accounts, you should change it now. If you have reused the same credentials including the same password elsewhere (e.g., on unrelated websites) you may wish to consider changing those too as a precaution and as good practice generally.Staying vigilantWe remain vigilant for any suspicious activity and are recommending that you please do the same. Given the nature of the information potentially involved, there is a risk you might be targeted for phishing attempts, fraud or nuisance marketing communications. Criminals may use your personal details to target you with convincing emails, texts and calls. Be suspicious of unsolicited requests for your personal or financial details. If you receive an e-mail which you're not sure about, treat it with caution, or if you have been a victim of fraud or cyber crime, contact your bank immediately and you should report this to the police. The security of your personal information is very important to us and as our investigation progresses, we will consider whether we need to take any further steps to help protect that information. While we hope to bring all of our systems back online as soon as possible, we are doing so carefully to minimise any further issues. Please bear with us if there are any interruptions to service in this time. We are also liaising with the Information Commissioner's Office ("ICO") and Ofcom.Contacting usIf you have any questions, you can contact our Customer Services team at cs@lycamobile.co.uk. You can also find more information generally about how we handle your personal information and your rights, together with details of our Data Protection Officer, in our website privacy notice. This can be found at www.LycaMobile.co.uk/en/LycaMobile-privacy-policy06 October 2023Marc PayneData Protection Officer
What a strange world we live in, what possible motivation could the attacker have?
That's the thing isn't it, you'd think a lot of those systems would be independent of each other so its bizarre its impacted so much.
