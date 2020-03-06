Image copyright

A buyer database left unsecured on-line through Virgin Media contained main points linking some customers to pornography and particular web sites.

The researchers who first came upon the database advised the BBC that it contained additional information than Virgin Media instructed.

Such main points may well be utilized by cyber-criminals to extort sufferers.

Virgin Media advised the BBC just a small selection of customers had those delicate main points within the database.

The UK telecoms corporate printed on Thursday that one among its “marketing databases” containing main points of 900,000 other folks was once open to the web and have been accessed “on at least one occasion” through an unknown consumer.

On Friday, it showed that the database contained main points of about 1,100 customers who had used a web-based shape to ask for a selected web site to be blocked or unblocked.

It mentioned it was once within the means of contacting customers once more about explicit information that can had been stolen.

When it first showed the information breach on Thursday, Virgin Media warned the general public that the database contained telephone numbers, house addresses and emails.

However, researchers at cyber-security company TurgenSec – which discovered the database – mentioned it contained extra intimate main points.

“Stating to their customers that there was only a breach of ‘limited contact information’ is from our perspective understating the matter potentially to the point of being disingenuous,” one researcher advised the BBC.

“These highly sensitive details could be used by cyber-criminals to boost the chances of extorting money from victims.”

Virgin Media mentioned the database didn’t “provide information as to what, if anything, was viewed” through affected customers.

The corporate mentioned nearly all of the ones affected had been Virgin customers with tv or fixed-line phone accounts, even if the database additionally incorporated some Virgin Mobile customers in addition to attainable customers referred through pals as a part of a promotion.

It added that each one people have been given main points on how to touch the corporate for make stronger and recommendation.

A consultant of TurgenSec mentioned Virgin Media’s safety have been a ways from good enough.

“The information was in plain text and unencrypted, which meant anyone browsing the internet could clearly view and potentially download all of this data without needing any specialised equipment, tools, or hacking techniques,” they advised the BBC.

Virgin Media, which is owned through US cable workforce Liberty Global, mentioned it took safety very significantly.

It mentioned it had knowledgeable the Information Commissioner’s Office (ICO) of the information breach, as required.

A spokeswoman for the ICO mentioned it was once investigating, and added: “People have the right to expect that organisations will handle their personal information securely and responsibly. When that doesn’t happen, we advise people who may have been affected by data breaches to be vigilant when checking their financial records.”

Virgin Media mentioned it could be emailing the ones affected, so as to warn them concerning the dangers of phishing, nuisance calls and id robbery. The message will come with a reminder no longer to click on on unknown hyperlinks in emails, and no longer to supply non-public main points to unverified callers.