Virgin Media data breach: 900,000 people's data exposed

  • Virgin Media revealed that a database full of personal information of customers and marketing targets was breached, exposing 900,000 people's personal information.

    Data protection has been a high priority for companies dealing with personal information since the EU General Data Protection Regulations (GDPR) came into effect in May 2018. Any firm dealing with personally identifiable information such as names, addresses, and emails, has to ensure that it has adequate security in place to prevent unauthorised access.

    Virgin Media has announced that it's suffered a major data breach involving the personal information of around 900,000 people, including 15% of its fixed-line customer base. The breach involved a misconfigured marketing database that was inadvertantly left accessible, and Virgin's investigation found that it was accessed at least once.

    The database fortunately didn't contain any user passwords, credit card information, or banking information. The leaked information included names, home addresses, email addresses, and phone numbers, which are often sold on the black market to spam companies. The database was left exposed for over a year, and those affected will be getting emails explaining the situation.

    Breaches of personal data for UK customers used to fall under the UK's old data protection legislation with a maximum fine of £500,000, but GDPR knocked the lid off that with a maximum fine of 2-4% of a company's worldwide annual revenue in the preceding year. This could be bad news for media giant Virgin Media, which posted over £5 billion in revenue in 2018 and likely made more than this last year.

    Virgin has kept the Information Commissioner's Office informed of the breach as it's required to do by law, but the firm could be looking at a maximum fine of over £100m if the ICO's investigation finds that the breach was easily preventable or that Virgin's security procedures are insufficient.

    Source: Bleeping Computer, Virgin Announcement

    About the author

    Brendan is a Sync NI writer with a special interest in the gaming sector, programming, emerging technology, and physics. To connect with Brendan, feel free to send him an email or follow him on Twitter.

    Got a news-related tip you’d like to see covered on Sync NI? Email the editorial team for our consideration.

Share this story