Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Virgin Media Exposed Personal Information of 900,000 People

UK-based phone, TV and broadband services provider Virgin Media on Thursday admitted that it exposed the personal information of roughly 900,000 people.

UK-based phone, TV and broadband services provider Virgin Media on Thursday admitted that it exposed the personal information of roughly 900,000 people.

The company blamed the incident on a misconfigured marketing database that stored names, home addresses, email addresses, phone numbers, and technical and product information. Dates of birth were also exposed “in a very small number of cases.”

“Please note that this is all of the types of information in the database, but not all of this information may have related to you,” customers were told.

Virgin Media said the exposed database did not include any passwords or financial information, such as payment card details or bank account numbers. The database stored information on both customers and potential customers.

The firm said this was not a cyberattack and its database was not hacked. However, its investigation revealed that the database was accessed at least once, although it is unclear if any information was actually taken.

While it is possible that the database was accessed by malicious actors, it’s also not uncommon for security researchers to come across unprotected databases and access them for analysis, particularly if they appear to belong to a major organization.

In a letter sent out to affected individuals, Virgin Media said the database was accessible since at least April 19, 2019, and the unauthorized access occured recently.

Virgin Media claimed it quickly shut down access to the database once it learned of the exposure. The company launched an investigation into the data breach and notified the Information Commissioner’s Office.

Related: T-Mobile Notifying Customers of Data Breach

Related: 400 Mn Facebook Users’ Phone Numbers Exposed in Privacy Lapse: Reports

Related: Canadian Telecom Firm Freedom Mobile Exposed Customer Details

Related: Major U.S. Mobile Carriers Vulnerable to SIM Swapping Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...