Lyca Mobile Hit by Cyberattack Impacting Millions of Customers

Lyca Mobile Hit by Cyberattack Impacting Millions of Customers
We may receive commissions for purchases made through links on our website. We appreciate your support.

Many people in the UK who use Lycamobile were left puzzled when they couldn’t send texts or make calls on the 29th of September (Friday). The U.K.-based mobile virtual network provider giant Lycamobile has confirmed that a cyberattack was the reason behind the service disruption for millions of its customers.

In this article, we’re going to explain what happened and what Lycamobile is doing to fix the problem.

What Is Lyca Mobile?

Lyca Mobile claims to be the world’s largest international mobile virtual network operator, or MVNO, which piggybacks off network operator EE’s infrastructure. Lyca has over 15 million customers across 21 countries. 

As an MVNO, Lyca Mobile does not own the wireless network infrastructure over which it provides services to its customers. Instead, it enters into a business agreement with a wireless network operator to obtain bulk access to network services at wholesale rates, then sets retail prices independently. 

This allows companies like Lyca to offer flexible and low-cost services without large infrastructure investments.

What Was the Cyberattack?

In a statement this week, Lyca confirmed that the security incident prevented customers from topping up their balances via its website, app or in stores over the weekend. The attack also prevented some users from making national and international calls.

These issues affected all Lyca Mobile markets, except for the United States, Australia, Ukraine and Tunisia, according to the company’s brief statement. Lyca said that because their records are encrypted, it’s unlikely that any personal information of their customers has been breached. However, they have said that they’re currently investigating the incident.

“We are confident that all our records are fully encrypted, and we will keep customers updated on the outcome of our investigation as we work with our expert partners to establish the facts,” the company’s statement says.

What Has Lyca’s Response Been?

Lyca’s spokesperson Cara Whitehouse refused to comment on the incident when approached by the American tech site Tech Crunch. However, in the same conversation, he mentioned that the company’s main objective right now is to make sure that their “operational services are back up and running.”

As of yet, it’s unknown who Lyca is working with to investigate the cyberattack. They’ve also refused to answer questions about the type of encryption they use, so it’s unclear whether any information was stolen during the attack.

Lyca Mobile did mention, however, that they have restored mobile telecommunication services in all of its markets, though there are some services that are still in the process of being fixed.

Regulatory Oversight

Adele Burns, a spokesperson for the U.K.’s Information Commissioner’s Office, told TechCrunch that the data protection watchdog had not received a breach report from Lyca Mobile as of yet. Companies typically have to notify the ICO within 72 hours of discovering a data breach.

If you try to look up Lyca’s statement on Google, there’s a good chance you won’t be able to find it. That’s because the webpage has a “noindex” code, which prevents search engines like Google from showing it in search results.

lyca mobile statement

Lyca Mobile’s full statement as shared on their site. (Source:

Impact on Lyca’s Customers

The cyberattack caused major disruption for Lyca Mobile's millions of customers who rely on the service. Inability to top up balances likely left many customers unable to make calls or use data services. Loss of international calling further hampered communication. 

While Lyca says customer records are encrypted, questions remain about what specific data may have been compromised in the attack. Lyca has not provided details on the nature of the cyberattack, leaving customers uncertain about the extent of the breach.

By hiding its public statement on the incident from search engines, Lyca reduced transparency around an event that significantly impacted its customers. Clear communication and transparency will be key in maintaining customer trust as the company works to restore services after this attack.

Hopefully, we’ll get more details on the attack soon from Lyca because so far, their response hasn’t been good enough. Rebuilding trust will require a lot more effort.

Stay Protected Online

To keep your data safe following cyberattacks like this, use a VPN service like NordVPN or ExpressVPN when connected to public Wi-Fi. VPNs encrypt your internet traffic to prevent snooping.

Also be sure to run up-to-date antivirus software from trusted providers. This will help block malware and cyberattacks targeting your devices and information.

Hopefully, we’ll get more details on the attack soon from Lyca because so far, their response hasn’t been good enough. Rebuilding trust will require a lot more effort.