Nearly 2,000 Vodafone customers are "open to fraud" after hackers accessed their personal details, the company has revealed.
The mobile phone giant said 1,827 accounts had been breached, potentially providing criminals with customers' names, mobile numbers, bank sort codes and the last four digits of their bank accounts.
The incident comes just over a week since telecoms giant TalkTalk said it had been subjected to a "significant and sustained" attack on its website, which prompted fears that millions of people may have had their bank details stolen.
Vodafone said an attempt had been made to access some of its customers' account details between midnight on Wednesday and midday on Thursday.
A spokesman for the firm said: "This incident was driven by criminals using email addresses and passwords acquired from an unknown source external to Vodafone.
"Vodafone's systems were not compromised or breached in any way."
An investigation was launched by the company before the National Crime Agency (NCA), Ofcom and the Information Commissioner's Office were informed on Friday evening.
Vodafone said its security protocols were "fundamentally effective" and no credit or debit card details were accessed.
A Vodafone spokesman said: "Our investigation and mitigating actions have meant that only a handful of customers have been subject to any attempts to use this data for fraudulent activity on their Vodafone accounts.
"The information obtained by the criminals cannot be used directly to access customers' bank accounts. However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts.
"These customers' accounts have been blocked and affected customers are being contacted directly to assist them with changing their account details."
Vodafone said it had alerted the banks and any other customers who are not contacted by the company today need not be concerned.
On Friday, TalkTalk said the cyber attack on its website was "significantly less than originally suspected" with fewer than 21,000 unique bank account numbers and sort codes accessed.
Two teenagers who were arrested over that incident - a 15-year-old boy from County Antrim in Northern Ireland and a boy aged 16 from Feltham in west London - were released on police bail.
An NCA spokeswoman said: "The NCA can confirm that we have been contacted by Vodafone in relation to a compromise of customer data, and we are in dialogue with the company.
"Anyone who thinks they have been subject to attempted or successful fraud, or other online crime, should report it to action fraud at www.actionfraud.police.uk."
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules here