Virgin Media, the huge UK based internet, phone, and television provider revealed yesterday that one of their databases had been accessed and breached for over 900,000 customers data points and information. The cause of the breach was due to zero security. The database was stored online and was left without any password or security to access it.
Virgin Media states the database was used for marketing purposes therefore the information was not considered sensitive. Well according to the 900,000 customers affected speaking out on Twitter there was personally identifiable information (PII) such as addresses, names, emails, phone numbers, and more that Virgin Media disclosed to them personally via email. No financial information was accessed during the breach such as credit card numbers, bank numbers or accounts, but identity fraud is still incredibly high and likely if someone with maleintent got their hands on the previous PII mentioned.
Virgin Media says they have already informed the UK data watchdogs, The Information Commissioner’s Office of the breach, but warn all customers affected to be on the lookout for phishing lures and attacks. If you’ve been notified by Virgin Media that your email or phone number was taken you should be extra weary of any sort of communication received. Often times it is nearly impossible to tell the difference between a real email or a forgery, but if anybody asks for your information do not give it out.
“Based upon our investigation, Virgin Media does believe that the database was accessed on at least one occasion but we do not know the extent of the access or if any information was actually used,” Lutz Schüler, CEO of Virgin Media, stated via press release. Schüler also stated that so far they have no proof or knowledge of the information being used maliciously yet, but again warn their users against phishing scandals. If you’ve been contacted by Virgin Media make sure to keep your eyes out for future news regarding compensation or consequences regarding this breach.