Virgin Media Data Breach Exposes Info of 900,000 Customers

Joanna Estrada
March 7, 2020

Virgin Media has apologised after a data breach left the personal details of around 900,000 customers unsecured and accessible. "The incident did not occur due to a hack, but as a result of the database being incorrectly configured", the company said in a note published on its website on Thursday night.

He added that no passwords or payment data was compromised, but names, home and email addresses and phone numbers were listed in the database.

A Virgin Media spokesman said: "Out of the approximate 900,000 people affected by this database incident, 1,100, or 0.1%, had information included relating to our Report a Site form".

It was reportedly left unsecured for 10 months.

"We recently became aware that one of our marketing databases was incorrectly configured, which allowed unauthorised access".

"Protecting our customers' data is a top priority and we sincerely apologise".

And while no passwords or bank details were among it, there's an very bad lot of contact information for a cyber-criminal to work with.

Virgin Media CEO Lutz Schüler elaborated on the incident, claiming the company shut down database access as soon as it learned of the mishap.

The company has said it has notified the affected customers via email, warning them of potential phishing or fraud attempts. The message will include a reminder not to click on unknown links in emails and not to provide personal details to unverified callers.

Adam French, Which? consumer rights expert, said: "This data breach has exposed the data of nearly a million Virgin Media customers and whilst no financial details or passwords were included, those customers are likely to be anxious".

Virgin Media is a leading cable operator in the United Kingdom and Ireland, and it delivered 14.6 million broadband, video, and fixed-line telephony services to approximately 6.0 million cable customers, as well as mobile services to 3.3 million subscribers at December 31, 2019, according to the company's preliminary Q4 2019 results. A simple misconfiguration can result in supposedly internal data being exposed to the wider internet as a result, with many would-be attackers regularly scanning for newly exposed "buckets" to see whether they contain valuable data such as personal information or passwords. "Online security advice and help on a range of topics are available on our website", Virgin Media said.

Other reports by Click Lancashire

Discuss This Article