Virgin Media discloses a data breach that exposed the personal information of roughly 900,000 of its customers.

Virgin Media discloses a data breach that exposed the personal information of approximately 900,000 customers (names, home, and email addresses and phone numbers ) . The company reported unauthorized access, on at least one occasion, to a misconfigured and unsecured marketing database.

Virgin Media is a leading cable operator in the UK and Ireland which provides telephone, television and internet services to approximately 6.0 million cable customers, as well as mobile services to 3.3 million subscribers at December 31, 2019.

The company discovered the security breach on February 28, 2020, it determined that the database was accessible from at least April 19, 2019. According to an ongoing investigation, the database was only recently accessed by an unauthorized party at least on one occasion. The cable operator immediately addressed the issue by shutting down access to this exposed database.

“We recently became aware that one of our marketing databases was incorrectly configured which allowed unauthorised access. We immediately solved the issue by shutting down access to this database, which contained some contact details of approximately 900,000 people, including fixed line customers representing approximately 15% of that customer base. Protecting our customers’ data is a top priority and we sincerely apologise .” Lutz Schüler, CEO of Virgin Media, said in a press release.

The company CEO pointed out that the database did not include financial information or passwords.

Virgin Media is contacting the impacted customers recommending them to remain vigilant on possible phishing messages.

“We are now contacting those affected to inform them of what happened. We urge people to remain cautious before clicking on an unknown link or giving any details to an unverified or unknown party. ” continues the CEO’s notice.

In a separate data breach notification page, the company provides more details on the incident, it explained that the database contained information on existing and potential Virgin Media customers such as:

contact details (such as name, home and email addresses, and phone numbers)

technical and product information

customers’ dates of birth (in a very small number of cases)

The incident was disclosed a few hours US wireless carrier T-Mobile has disclosed a data breach that exposed some of the customers’ personal information.

Pierluigi Paganini

(SecurityAffairs – hacking, Virgin Media)