According to the head of Threat detection Labs (ESET), Jiri Kropac, the passwords requirements still lack strength. He tested it for bleeping computer, it’s because the passwords comprising of 4-6 digits will quickly succumb to the brute force attack in the scenarios where the attacker is resolute enough.
Battling the reputational damage, Vodafone has reported the incident to The National Crime Agency, the Information Commissioner’s Office and Ofcom. The mobile phone provider further added, reinstating its priorities – “Our investigation and mitigating actions have meant that only a handful of customers have been subject to any attempts to use this data for fraudulent activity on their Vodafone accounts. No other customers need to be concerned, as the security of our customers’ data continues to be one of our highest priorities.”