Virgin Media has suffered from a data leak. Reports indicate that their customers porn histories have been exposed.
Another day, another security incident. This time, it affects UK carrier Virgin Media. In this case, some are fearing that the data being exposed could open the floodgates to extortion from criminals. From the BBC:
The UK telecoms company revealed on Thursday that one of its “marketing databases” containing details of 900,000 people was open to the internet and had been accessed “on at least one occasion” by an unknown user.
On Friday, it confirmed that the database contained details of about 1,100 customers who had used an online form to ask for a particular website to be blocked or unblocked.
It said it was in the process of contacting customers again about specific data that may have been stolen.
When it first confirmed the data breach on Thursday, Virgin Media warned the public that the database contained phone numbers, home addresses and emails.
However, researchers at cyber-security firm TurgenSec – which found the database – said it contained more intimate details.
“Stating to their customers that there was only a breach of ‘limited contact information’ is from our perspective understating the matter potentially to the point of being disingenuous,” one researcher told the BBC.
“These highly sensitive details could be used by cyber-criminals to boost the chances of extorting money from victims.”
March has been rather rough for companies and customers alike in the realm of breaches and leaks. It started with Clearview AI which suffered a data breach in which their entire client list was stolen. After that, Canadian mobile carrier Koodo suffered its own breach with customer information being sold on the dark web. In that case, outside of class action lawsuits, customer recourse may not really exist.
Unlike the Canadian example, this one occurred under the General Data Protection Regulation (GDPR). As a result, the company has some pretty convincing motivating factors to cooperate with regulators and authorities. One of those motivating factors is the fact that they face a fine of a percentage of global annual turnover should they fail to comply with the laws.
Drew Wilson on Twitter: @icecube85 and Facebook.
