Connect with us

Hi, what are you looking for?


Mobile & Wireless

Lyca Mobile Services Significantly Disrupted by Cyberattack

International mobile network operator Lyca Mobile says a cyberattack has significantly disrupted its services in many countries.

International mobile virtual network operator Lyca Mobile has confirmed that its services were significantly disrupted in recent days due to a cyberattack that may have also resulted in a data breach.

The attack, which started late last week, prevented customers and retailers from accessing top-ups and also impacted national and international calling. 

Lyca Mobile, which claims to have more than 16 million customers, is based in the UK and operates across 60 countries. 

The incident has impacted services in all markets, except for the US, Australia, Tunisia and Ukraine. 

The company is trying to determine whether any personal information was compromised as a result of the cyberattack. 

“We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts,” Lyca Mobile said in a statement posted on its website. 

The company said mobile telecoms services have been restored, but there are some operational service issues that have yet to be fully resolved.  

While it has not shared any other details, the attack may have involved ransomware based on its brief description of the incident. 

Advertisement. Scroll to continue reading.

“This is an example of a cyberattack having very real and physical impacts on society,” Mike Newman, CEO of My1Login, told SecurityWeek. “Last Friday, social media sites were awash with complaints from angry Lyca Mobile customers over their inability to send text messages and make calls. It is now clear this was caused by what looks like a massive cyberattack that impacted all of Lyca Mobile markets.”

“At this early stage, it is unlikely Lyca Mobile will have a clear understanding of exactly what has happened, but it is clear the attackers managed to get deep enough into the service provider’s network to take down key services – this could indicate it was ransomware Lyca Mobile was dealing with. However, the company has reported that its data is encrypted, so hopefully this means attackers won’t have been able to reach anything which puts customers at risk,” Newman added.

Related: NSA, CISA Issue Guidance on 5G Network Slicing Security

Related: T-Mobile Says Personal Information Stolen in New Data Breach

Related: Johnson Controls Ransomware Attack Could Impact DHS

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.