Lyca Mobile Investigates Customer Data Leak After Cyberattack

Lyca Mobile has recently issued a statement regarding an unexpected disruption on its network caused by a cyberattack, which may have also compromised customer data.

About Lyca Mobile

Lyca Mobile, a British telecommunications company, offers mobile and voice IP (VoIP) services in 60 countries, including the United States, the U.K., Germany, Australia, France, Italy, and the Netherlands.

The Cyberattack and Service Interruptions

The cyberattack occurred over the weekend and resulted in service provision interruptions in all countries, except for four. Customers and retailers reported being unable to access Lyca Mobile’s top-up portal. The attack also affected national and international calling services, as stated in the company’s press release.

Investigation and Notification

In response to the incident, Lyca Mobile has launched an urgent investigation, enlisting the help of third-party IT experts. The company has also informed law enforcement and data protection authorities about the security breach.

According to the company statement, ensuring the safety and security of customer data is their top priority. They are actively investigating whether any personal information has been compromised. Lyca Mobile assures customers that their records are fully encrypted, and they will provide updates on the investigation as they collaborate with their expert partners to establish the facts.

Unavailability of Lyca Mobile’s Statement

The statement issued by Lyca Mobile regarding the incident and its impact is no longer accessible at the specified address. The company representative has not provided a reason for removing the statement.

It is worth mentioning that the page containing Lyca’s statement had a “noindex” rule, preventing search engines from displaying it in search results.

Encryption and Service Restoration

Lyca Mobile’s comment about encrypted customer data suggests that unauthorized access to their databases has been suspected or confirmed. However, the statement does not specify the type of encryption used to protect customer data.

The company is actively working on restoring their services. While efforts are underway, certain operational services remain unavailable in some affected markets.

BleepingComputer has reached out to Lyca Mobile for a comment regarding the cyberattack and the removal of the company statement from the shared URL. However, they have not received a reply at the time of publishing.