In the UK, home broadband provider Virgin Media has recently admitted that private data for 900,000 of its customers had been left in plain text on an unsecured server.
A Virgin Media database containing the personal details and information of 900,000 people was left unsecured and accessible online for 10 months from April 2019 until February 28, 2020, the company has acknowledged.
The incorrectly configured, marketing database exposed customers’ full names, email addresses, dates of birth, contact numbers and, in some cases, details that linked customers to pornography and explicit websites, potentially leaving them open to blackmail and extortion. Luckily, It did not include passwords or financial details.
Ten months is a long time for all that data to have just been sitting there, waiting to be found. And while no passwords or bank details were among it, there’s an awful lot of contact information for a cyber-criminal to work with.
The breach was not due to a hack or a criminal attack, but it has been acknowledged that these sensitive details have been accessed by at least one person outside the company during the year that the data was left unsecured on what turned out to be a basic Virgin Media marketing database.
Details about approximately 1,100 Virgin Media customers’ devices were included in this data breach. Experts have commented that the nature of this combined data could enable phishing attacks or mobile phone scams. Phishing expeditions is when someone tries to get financial information out of a victim by pretending to be a company with a legitimate reason for contact. Although these attacks are not particularly sophisticated, they are effective for those caught off-guard, and can be a lucrative source of income.
This breach is now the subject of an investigation by the Information Commissioner’s Office (ICO), the UK data protection regulator.
This incident highlights the threat that home broadband environments pose to both personal and business mobile phones. The Financial Times and Daily Mail reported that this breach affected about 15 percent of Virgin Media’s paying customers; Virgin Media is now forced to pay up to £4.5billion in compensation to its affected customers.
They are extremely lucky they got away with just that. In the past, the maximum fine under the 1998 Act for data transgressions during the period that that Act was in force was £500,000. However, under the new Act, the penalties rise to €20 million or 4% of global turnover, whichever is the greater.
This incident brings to light the importance of securing customer data from all entry points whether that be your own database or your mobile carrier’s and how a weak defense system can be a major economic downfall for companies.
These silly mistakes can be avoided by strengthening your company’s defense system and combating massive threats from the start. It is difficult to fully trust the security of your mobile carrier, how do you really know what’s going on at their end?
Save your business money and streamline your on communication expenses with Cubed Mobile. In this global marketplace, your remote workforce is spread in various countries. We help you so that you will never again have to deal with the hassle of multiple telecom companies in each region and rest safe knowing that your data is encrypted and properly stored.
With our one vendor approach, we have already negotiated with local phone providers to find the lowest pricing for you,we take all the difficulties on us, you just pick the phone lines you need. To top it all off, we help you strengthen your security by allowing you to manage your employees’ smartphones and remotely wipe, backup and restore entire workspaces, apps and settings, and easily migrate them from one device to another with just a click.
Feel free to schedule a call with us anytime by clicking here.
Free for up to 5 users.
No credit card needed.