Security Experts:

Connect with us

Hi, what are you looking for?


Data Protection

Virgin Media Accused of Downplaying Security Incident

Virgin Media has been accused of downplaying the recently disclosed cybersecurity incident that involved the personal information of roughly 900,000 people.

Virgin Media has been accused of downplaying the recently disclosed cybersecurity incident that involved the personal information of roughly 900,000 people.

UK-based phone, TV and broadband services provider Virgin Media started informing customers and potential customers last week that some of their personal information was exposed as a result of a misconfigured marketing database.

The company said the exposed information included names, home addresses, phone numbers, technical and product information, and, in some cases, dates of birth.

The cybersecurity company that discovered the database, TurgenSec, has provided more details about its findings. TurgenSec described the telecom firm’s response to the breach as “strong” and commended the company for quickly removing access to the database. However, TurgenSec is not pleased with Virgin Media’s disclosure of the incident.

According to TurgenSec, the exposed information also included IP addresses, IMEIs associated with stolen phones, the user’s device type, information submitted via forms, and requests to block or unblock porn, gore-related or gambling sites.

Data exposed by Virgin Media

“We cannot speak for the intentions of their communications team but stating to their customers that there was only a breach of ‘limited contact information’ is from our perspective understating the matter potentially to the point of being disingenuous,” TurgenSec said.

The security firm also believes that the incident demonstrates Virgin Media’s poor cybersecurity practices.

“There seems to be a systematic assurance process failure in how they monitor the secure configuration of their systems. All information was in plaintext and unencrypted – which means anyone browsing the internet could clearly view and potentially download all of this data without needing any specialised equipment, tools, or hacking techniques. Anyone with a web-browser could access it,” TurgenSec said.

The company is also displeased with the fact that Virgin Media has not publicly given it credit for finding the exposed database.

Virgin Media, on the other hand, has suggested that its initial disclosure was rushed due to news of the incident being leaked to the press. The company says it thanks TurgenSec for its support.

“Out of the approximate 900,000 people affected by this database incident, 1,100, or 0.1%,had information included relating to our ‘Report a Site’ form. This form is used by customers to request a particular website to be blocked or unblocked – it does not provide information as to what, if anything, was viewed and does not relate to any browsing history information,” a Virgin Media spokesperson told SecurityWeek.

“We strongly refute any claim that we have acted in a disingenuous way. In our initial notification to all affected people about this incident we made it clear that any information provided to us via a webform was potentially included in the database. All individuals have been given details on how they can get in touch with us directly to address any queries, or for support and advice. We will be further contacting customers, where appropriate, to provide additional guidance,” they added. “In addition, we are currently building a bespoke, secure online tool which will allow any individual to find out if they are affected and which data types relating to them was included in the database.”

Related: T-Mobile Notifying Customers of Data Breach

Related: Canadian Telecom Firm Freedom Mobile Exposed Customer Details

Related: Major U.S. Mobile Carriers Vulnerable to SIM Swapping Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.