Pierluigi Paganini October 04, 2023

International mobile virtual network operator Lyca Mobile announced it has been the victim of a cyber attack that disrupted its network.

Lyca Mobile is a mobile virtual network operator (MVNO) that provides prepaid mobile phone services to customers in several countries worldwide. A mobile virtual network operator doesn’t own its own physical wireless network infrastructure but instead leases network services from established mobile carriers.

Lycamobile operates in 60 countries and has reached more than 15 million pay-as-you-go customers worldwide.

The company issued a statement to announce it has been the victim of a cyber attack that disrupted its network.

The cyber attack began last week, according to the statement it, prevented customers and retailers from accessing top-ups through company channels. The cyber attacks did not impact service in the US, Australia, Tunisia and Ukraine. 

“Following investigations carried out as a result of disruption to our network, it has become clear that Lyca Mobile has been the victim of a cyber attack.” reads the statement published by the company.

“We first became aware of issues over the weekend, which were preventing customers and retailers from accessing top-ups through our channels. It also impacted some national and international calling. The issues affected all Lyca Mobile markets apart from the United States, Australia, Ukraine and Tunisia.”

The company launched an investigation into the security breach with the support of third-party technical experts. Lyca Mobile also notified relevant regulatory and law enforcement authorities in each of our impacted markets.

The company is investigating to determine whether any personal information was exposed.

“Our number one priority is ensuring the safety and security of our customers’ data, and we are urgently investigating whether any personal information may have been compromised as part of this attack.” continues the statement. “We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts.”

The telecommunication provider informed its customers that it has restored the impacted services in all of its markets. However, there are some operational services that are yet to be fully resolved.

The company did not provide details about the attack, but likely the company was hit by a ransomware attack.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Lyca)