Virgin Media revealed about a data breach in which personal details of around 900,000 of its customers was accessed without permission due to a misconfigured and unsecured marketing database.
Virgin Media, a leading cable operator in the U.K. and Ireland, delivered 14.6 million broadband, video, and fixed-line telephony services to approximately 6.0 million cable customers and mobile services to 3.3 million subscribers.
Virgin Media came to know about the data breach on February 28 and the exposed database was available from at least April last year.
Lutz Schüler, CEO of Virgin Media stated in a press release that the company immediately solved the issue by shutting down access to this database, that contained some contact details of approximately 900,000 people, including fixed-line customers representing approximately 15% of that customer base.
He also mentioned that the database did not include any passwords or financial details, such as credit card information or bank account numbers. It contained limited contact information such as names, home and email addresses as well as phone numbers.
The company is contacting all the affected customers and they urge the people to remain cautious before clicking on any link or giving any details to an unknown party.
The database contained details of the existing and potential Virgin Media customers and it included contact details (such as name, home and email addresses, and phone numbers), technical and product information and customers’ dates of birth in few cases.
The company assured that the unsecured database was not used to store customer passwords or financial details, like bank account numbers or credit card information.
All the customers who believe that they might have been victims of identity theft are advised to contact their bank or credit card company to inform them of any suspicious transactions.
The company also warned the customers to be cautious about phishing attacks, fraud, or nuisance marketing communications.