Aerial Direct

Aerial Direct operates as a telecommunications services provider based in the United Kingdom, functioning as a major partner for the O2 network. The company's core business involves delivering communication solutions, with a specific focus on serving business customers, including both current and former clients. Its operational scope is defined by this partnership, positioning it within the UK's competitive telecom sector as a key intermediary for enterprise-facing services. The organisation's market presence is tied to its ability to support O2's business customer base, though its exact size and reach are not detailed in available records. Its primary distinguishing attribute, as evidenced by public incident reporting, is its role in managing sensitive customer data for a major network operator, which inherently subjects it to significant data protection responsibilities under UK law. The handling of a substantial data breach in 2020 became a defining event, highlighting both the risks of third-party data management and the company's incident response protocols.

The most comprehensively documented aspect of Aerial Direct's operations is its response to a security incident discovered on 26 February 2020. During this event, unauthorised third-party access was gained to an external backup database containing personal information of over 130,000 business customers. The compromised data included names, dates of birth, business addresses, email addresses, phone numbers, and product details, while financial information and passwords remained secure. Upon discovery, the company immediately disabled system access to contain the breach and launched an investigation with external cybersecurity experts. It also proactively notified the UK Information Commissioner's Office, fulfilling a key regulatory obligation. To support affected customers, Aerial Direct established a dedicated support resource, advising vigilance, recommending password updates, and emphasising the monitoring of financial accounts for suspicious activity. This incident underscores the organisation's position within a larger telecom ecosystem and its operational duty to safeguard partner and customer data, with its response demonstrating a standardised approach to breach containment, regulatory compliance, and customer communication as required by UK data protection frameworks. The event's scale, affecting a clearly stated number of customers, provides the only explicit metric of its customer base footprint. No information is available regarding the company's ownership structure, parent organisations, or subsidiary relationships.