Three has said only 133,827 customers have been affected by the breach of its system that broke on Friday.
At first it was believed as many as six millions of customers could have been affected, but Three has since given more insight on the incident, including the fact far fewer people were affected than was first thought.
"Our investigation of the upgrade system shows that for 107,102 customers, the following information could have been obtained: Whether they are a handset or SIM only customer, contract start and end date, handset type, Three account number, how long they’ve been with Three, whether the bill is paid by cash or card, billing date and name."
Aditionally it said a further 26,725 customers could have had the following information obtained.
"Name, address, date of birth, gender, handset type, contract start and end date, whether they are a handset or SIM only customer, telephone number, email address, previous address, marital status, employment status, Three account number and phone number and how long they’ve been with Three."
Three first confirmed the breach on Thursday, revealing that hackers used an employee log-in to gain entry into its database of customers eligible for a phone upgrade.
The hackers allegedly took the information from Three's upgrade database and used it to issue eight new phones. It is alleged that these phones were then intercepted on their way to a Three customer whose account was used to generate the request, and probably sold on for profit.
A spokesman for Three said in a statement given to The Telegraph: "Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices.
"We've been working closely with the police and relevant authorities. To date, we have confirmed approximately 400 high-value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity.
"The investigation is ongoing and we have taken a number of steps to further strengthen our controls.
"In order to commit this type of upgrade handset fraud, the perpetrators used authorised log-ins to Three’s upgrade system. This upgrade system does not include any customer payment, card information or bank account information."
It also issued a statement on Facebook to customers.
The National Crime Agency (NCA) is investigating the breach and said that three people have been arrested.
A spokesman for the NCA said: "On Wednesday 16 November 2016, officers from the NCA arrested a 48-year-old man from Orpington, Kent and a 39-year-old man from Ashton-under-Lyne, Manchester on suspicion of computer misuse offences, and a 35-year-old man from Moston, Manchester on suspicion of attempting to pervert the course of justice.
"All three have since been released on bail pending further enquiries. As investigations are ongoing, no further information will be provided at this time."
The hack follows a breach at TalkTalk in October 2015, when hackers stole the details of more than 150,000 customers, including those for the bank accounts of around 15,000 people.
The firm was fined £320,000 last month by Britain's data protection regulator for security failings it said had allowed customers' data to be accessed "with ease".
Infected apps have been downloaded more than 50 million times
Customers of regular price-raising ISP and cable operator claim nationwide outages started on Monday
Pixel 2 smartphones and a Pixel-branded laptop also planned by Google
The moment you've all been waiting for...