Workers at T-Mobile UK have been selling customer data to brokers who work for the competition, T-Mobile and the U.K.'s Information Commissioner's Office said on Tuesday.
In an announcement (PDF) from the ICO, the agency does not name the operator involved, but T-Mobile acknowledged that it alerted ICO about the data breach.
Employees sold details about customers' contracts, including the date that their contracts end, to brokers, according to the ICO.
T-Mobile competitors bought the information and then called customers prior to the expiration of their contracts to offer them deals with the new operator, ICO alleges.
"Many thousands" of customer account details were sold to several brokers for substantial amounts of money, the ICO said.
T-Mobile appeared to have hoped that it wouldn't be named.
"We had been asked before today to keep all information on this case strictly confidential so as to avoid prejudice to the investigation and prosecution. We were therefore surprised at the way in which these statements were made to the BBC today," it said in a statement.
The BBC reported that after the other mobile operators said they were not the subject of the investigation, T-Mobile confirmed its involvement.
T-Mobile worked with the ICO to identify the source of the breach, it said.
"While it is deeply regrettable that customer information has been misappropriated in this way, we have proactively supported the ICO to help stamp out what is a problem for the whole industry," T-Mobile said in a statement.
Both T-Mobile and ICO said they are hopeful that the involved parties will be prosecuted.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.