Breach, Data Security

Virgin Media leaves database open, thousands of records exposed

The UK telecom and ISP Virgin Media is informing some customers of a data breach that took place when unauthorized persons accessed an incorrectly configured database.

Virgin Media, which supplies telephone, TV and internet services in the UK, said names, home and email addresses, phone numbers and in some cases birth dates, were stored in the database. Virgin did not report how many customers were affected, but some published reports place the figure at 900,000.

The database was used to store information relating to marketing activities.

The company maintains no financial information or passwords were stored in the database and the affected people are being contacted by mail.

Virgin Media is refusing to classify this as a cyberattack saying in a statement the incident was not due to a hack, but as a result of the database being incorrectly configured.

“We know what happened, why it happened and as soon as we became aware we immediately shut down access to the database and launched a full independent forensic investigation. We have also informed the Information Commissioner’s Office,” the company said.

Misconfigured databases, those configured with no or very weak login credentials, have plagued hundreds of companies in the last few years.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.