International mobile virtual network operator Lyca Mobile has confirmed that its services were significantly disrupted in recent days due to a cyberattack that may have also resulted in a data breach.

The attack, which started late last week, prevented customers and retailers from accessing top-ups and also impacted national and international calling. 

Lyca Mobile, which claims to have more than 16 million customers, is based in the UK and operates across 60 countries. 

The incident has impacted services in all markets, except for the US, Australia, Tunisia and Ukraine. 

The company is trying to determine whether any personal information was compromised as a result of the cyberattack. 

“We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts,” Lyca Mobile said in a statement posted on its website. 

The company said mobile telecoms services have been restored, but there are some operational service issues that have yet to be fully resolved.  

Advertisement. Scroll to continue reading.

While it has not shared any other details, the attack may have involved ransomware based on its brief description of the incident. 

“This is an example of a cyberattack having very real and physical impacts on society,” Mike Newman, CEO of My1Login, told SecurityWeek. “Last Friday, social media sites were awash with complaints from angry Lyca Mobile customers over their inability to send text messages and make calls. It is now clear this was caused by what looks like a massive cyberattack that impacted all of Lyca Mobile markets.”

“At this early stage, it is unlikely Lyca Mobile will have a clear understanding of exactly what has happened, but it is clear the attackers managed to get deep enough into the service provider’s network to take down key services – this could indicate it was ransomware Lyca Mobile was dealing with. However, the company has reported that its data is encrypted, so hopefully this means attackers won’t have been able to reach anything which puts customers at risk,” Newman added.

Related: NSA, CISA Issue Guidance on 5G Network Slicing Security

Related: T-Mobile Says Personal Information Stolen in New Data Breach

Related: Johnson Controls Ransomware Attack Could Impact DHS

Leave a Reply

Your email address will not be published. Required fields are marked *