Vodafone Italia's low-cost brand Ho Mobile has confirmed an illegal intrusion into its customer database, resulting in the leak of some personal data.

In a statement released Monday, the company said it is still investigating the extent of the breach, however, it appears that personal information (names, surnames, telephone numbers, tax codes, emails and addresses) and technical data related to customers’ SIM cards was stolen, but no traffic consumption (text messages, phone calls, web activities, etc.) or banking details.

The breach is believed to have impacted around 2.5 million Ho Mobile’s customers.

To minimize the impact of the breach on its customers and prevent SIM-swapping attacks the Italian mobile operator is offering to replace SIM cards for all affected customers free of charge.

First news of the data breach emerged at the end of last month, when a security researcher discovered a dump on a hacker forum containing details of 2.5M customers of Ho Mobile. The seller had been asking $50,000 for the entire database, and at least one actor may have bought the database.