Telegraph sources believe that as many as six million records may have been accessed, which are thought to contain names, phone numbers, addresses and dates of birth. Three says no financial information has been stolen.
A spokesman for Three said: "Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices."
"We've been working closely with the Police and relevant authorities. To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity."
"The investigation is ongoing and we have taken a number of steps to further strengthen our controls. In order to commit this type of upgrade handset fraud, the perpetrators used authorised logins to Three's upgrade system. This upgrade system does not include any customer payment, card information or bank account information."
News of the attack comes after the high-profile hack of TalkTalk in October 2015. which saw almost 160,000 customers have their details stolen. The quad-play provider was fined £400,000 for not properly safeguarding customer information and has spent the past 12 months trying to stop customers jumping ship. Earlier this week, a 17-year-old boy pleaded guilty to his role in the TalkTalk attack.
The National Crime Agency confirmed the arrests in the following statement: "On Wednesday 16 November 2016, officers from the National Crime Agency arrested a 48-year old man from Orpington, Kent and a 39-year old man from Ashton-under-Lyne, Manchester on suspicion of computer misuse offences, and a 35-year old man from Moston, Manchester on suspicion of attempting to pervert the course of justice."
"All three have since been released on bail pending further enquiries. As investigations are on-going no further information will be provided at this time."