Millions of Lyca Mobile customers have been unable to make or receive calls after a cyber attack pushed the UK mobile operator's network offline over the weekend.
The attack, which caused severe service provision interruptions for Lyca Mobile customers across 60 countries, made it impossible for customers to make or receive calls and blocked access to the company’s top-up portal.
It is not yet known if threat actors were also able to gain access to customer data during the attack. But the Soperator said in a statement released today that it was “urgently investigating” the situation.
“We first became aware of issues over the weekend, which were preventing customers and retailers from accessing top-ups through our channels. "It also impacted some national and international calling,” Lyca Mobile’s statement reads.
“Our focus on our customers is paramount. We are working around the clock to ensure that the impact on them is minimised.”
“A nightmare”
It is unclear exactly when the disruption started, or how many people are being affected. Lycamobile has 16 million mobile customers globally.
However, some customers were still reporting connectivity issues days after Lyca Mobile first reported experiencing service disruption.
“I cannot make any calls and am stuck inside. I need my phone working for health reasons. It is saying I have no credit I am on a pay monthly tariff. You have taken the payment. It's A NIGHTMARE,” one customer replied to a Lyca Mobile tweet on the situation.
I cannot make any calls and am stuck inside. I need my phone working for health reasons. It is saying I have no credit I am on a pay monthly tariff. You have taken the payment. It's A NIGHTMARE
— john branchett (@BranchettJ58590) October 5, 2023
Another tweeted: “I need a PAC code and have been waiting for 3 days to get one, you're [sic] text service isn't working!! Plus your app won't let me cancel renewal.”
Lyca Mobile, which piggybacks off-network operator EE’s infrastructure, has notified law enforcement and data protection authorities as part of its ongoing investigation into the incident.
“Our number one priority is ensuring the safety and security of our customer’s data, and we are urgently investigating whether any personal information may have been compromised as part of this attack,” reads the company statement.
“We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts.”