Article Details

Lyca Mobile investigates customer data leak after cyberattack. Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have also compromised customer data. The British company provides mobile telecommunications and voice IP (VoIP) services in 60 countries, including the United States, the U.K., Germany, Australia, France, Italy, and the Netherlands. The attack occurred over the weekend and caused service provision interruptions in all but four countries. Specifically, customers and retailers reported that they were unable to access the company’s top-up portal. National and international calling services have also been affected according to the company's press release. In response to the situation and to determine the impact on customer data, Lyca Mobile says it has launched an urgent investigation that involves third-party IT experts. Law enforcement and data protection authorities have also been notified about the security incident. “Our number one priority is ensuring the safety and security of our customers’ data, and we are urgently investigating whether any personal information may have been compromised as part of this attack,” reads the company statement. “We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts.” Lyca Mobile's statement about the incident and the effect it caused is no longer available at the address specified by a company representative. It is also worth noting that the page with Lyca's statement included a "noindex" rule that prevented search engines from showing it in search results.  The company comment about encrypted customer data indicates that the firm suspects or has verified unauthorized access to its databases. However, the statement does not clarify the type of encryption used for protecting customer data. Regarding the availability of Lyca Mobile’s services, the firm says restoration efforts are underway. However, certain operational services remain unavailable in some of the impacted markets. BleepingComputer has reached out to Lyca Mobile for a comment about the attack and the reason for removing the company statement from the shared URL but has not received a reply at publishing time.