Virgin Media has revealed that almost one million customers could be at risk after a database containing personal details was left unsecured for 10 months. The incident occurred due to a member of staff not following the correct procedures. This meant that personal details such as name, home address, email and even date of birth were all easily accessible.
The broadband and TV firm said it was alerted to the blunder by an independent security researcher.
Most of those affected are customers who have television or fixed-line phones with the company.
Virgin Media has now begun emailing all of those affected with a message saying: “We are very sorry to have to inform you that we recently became aware that some of your personal information, stored on one of our databases has been accessed without permission.
“Our investigation is ongoing but we currently understand that the database was accessible from at least 19 April 2019 and that the information has been recently accessed.
“We take our responsibility to protect your personal information seriously. We know what happened, why it happened and as soon as we became aware we immediately shut down access to the database and launched a full independent forensic investigation. We have also informed the Information Commissioner’s Office.”
- Virgin Media is raising prices AGAIN and customers aren’t happy
It’s worth noting that the database didn’t contain any passwords or bank details but there is still some concern that the data could give cyber criminals the chance to target users with phishing campaigns.
Virgin is now advising all those affected to be on alert with the firm advising the, given the nature of the information involved, there is a risk you might be targeted for phishing attempts, fraud or nuisance marketing communications.
Speaking about the security lapse, Lutz Schüler, chief executive of Virgin Media said: “We recently became aware that one of our marketing databases was incorrectly configured which allowed unauthorised access. We immediately solved the issue by shutting down access.”
“Protecting our customers’ data is a top priority and we sincerely apologise,” he said.
“Based upon our investigation, Virgin Media does believe that the database was accessed on at least one occasion but we do not know the extent of the access or if any information was actually used,”
And Adam French, Which? Consumer Rights Expert, added: “This data breach has exposed the data of almost a million Virgin Media customers and whilst no financial details or passwords were included, those customers are likely to be worried. It is vital that Virgin Media continues to provide clear information on what has happened.
“For anyone concerned they could be affected – it’s good practice to update your password after a data breach. Also, be wary of emails regarding the breach, as scammers may try and take advantage of it.”
Source: Read Full Article