Virgin Media database containing personal details of around 900,000 users was left unsecured and accessible online for 10 months. The company has admitted the incident. Virgin Media has apologized for the incident and really, there’s very little practical advice to offer in the light of this kind of breach, beyond the usual protocol of staying alert to any messages requesting personal information or access to any kind of finance.
As per the Virgin Media statement, this incident is not a Hack or a Cyberattack to Virgin Database. Its a misconfiguration to the user data which is mainly used for the marketing purpose. The issue was addressed by a Security researcher at TurgenSec Last Friday.
We recently became aware that one of our marketing databases was incorrectly configured which allowed unauthorised access. We immediately solved the issue by shutting down access. Protecting our customers’ data is a top priority and we sincerely apologise. Based upon our investigation, Virgin Media does believe that the database was accessed on at least one occasion but we do not know the extent of the access or if any information was actually used,Lutz Schüler, chief executive of Virgin Media
Virgin Media in order to clarify its customers released Help and Advice in their official portal. The company also alerts its customers not to fall in Phishing if they receive any calls in the name of Virgin Media and requesting confidential details about their account.
What are the details of customers are leaked?
As per the media statement, the complete Database is Neither hacked nor leaked. Here is the list of data that are set open to public without knowledge.
- Home and email address
- Phone numbers
- Technical Information
- Product information, including any requests Customer made using forms on Virgin Media website.
- In a very small number of cases, it included the date of birth.
Data leaked dose not contain any critical data’s which includes Passwords, financial statements, Credit Card details, and Banking details.
An independent forensics investigation launched after shutting down all access to the database. All Customers are contacted directly by Virgin media to ensure their data security.
In order to ensure the data safety of customer Virgin Media released several list of safety measures for customers.
- If you ever receive a call claiming to be from Virgin Media that you don’t trust, please hang up and report it to us straight away
- Please remember, you should never disclose any sensitive information over email, including banking details, and we will never ask you to do so.
- If you receive an email that you are concerned about, don’t click on any links, open any documents or reply to it.
We know how concerning this is, and we’re sorry it’s happened. This database didn’t include financial details or passwords, and we’re contacting affected customers in the next 24-48 hours. Find out more here: https://t.co/QunMSHbkk5— Virgin Media (@virginmedia) March 7, 2020