At-risk phone customers made safe after data breach investigation

24 November 2017

Two brothers who stole upgrade information from a mobile phone network were found guilty after National Crime Agency (NCA) officers traced the theft to their computers.

Between 18 October and 11 November 2016 Scott Pullen, 41, of Manchester (pictured top), and John Pullen, 48, of Kent (pictured below), used automated software to sweep Three’s database and steal data on upgrades.

Scott Pullen, whose job as a data merchant was to find sales leads for phone companies, tried to get ahead of his competitors by illegally accessing Three’s data.

John Pullen made the automated tool which let Scott mine Three’s systems for information.

John Pullen sized for web

NCA officers arrested the brothers in November last year and on seeing Scott Pullen’s database contacted several private sector firms to tell them they had also suffered data breaches.

There is no suggestion either Pullen was responsible for the other breaches.

Scott Pullen was ordered to perform 200 hours of community service by Thameside Magistrates Court in August.

John Pullen was sentenced at Croyden Crown Court on 17 November to 4 months in prison, suspended for 12 months, and was ordered to perform 200 hours of community service.

Andrew Shorrock, operations manager at the NCA, said: “Three took the important and still relatively uncommon step of voluntarily and quickly reporting a cyber attack to law enforcement.

“This meant we could find the culprits and alert private sector firms to their data being sold online, allowing the companies to increase security around customer accounts.

“This investigation has added to NCA knowledge of the marketplace for stolen data which will help us to detect and bring to justice those who exploit people in this way.”

Share this Page: