A Virgin Media database containing the personal details of 900,000 people was left unsecured and accessible online for 10 months the company has admitted.
The database which contained phone numbers, home and email addresses was accessed “on at least one occasion” by an unknown user.
Reports have confirmed the data breach was not due to a cyber-attack but rather the database had been “incorrectly configured” by a member of staff not following the correct procedures.
Virgin Media has confirmed almost all of those affected were Virgin customers with television or fixed-line telephone accounts, although the database also included some Virgin Mobile customers as well as potential customers referred by friends as part of a promotion.
Lutz Schüler, chief executive of Virgin Media said:
“We recently became aware that one of our marketing databases was incorrectly configured which allowed unauthorised access. We immediately solved the issue by shutting down access.”
He went on to say:
“Based upon our investigation, Virgin Media does believe that the database was accessed on at least one occasion but we do not know the extent of the access or if any information was actually used.”
“Protecting our customers’ data is a top priority and we sincerely apologise.”
Virgin Media said it would be emailing those affected in order to warn them about the risks of phishing, nuisance calls and identity theft.
You have a right to claim compensation from an organisation if you have suffered damage as a result of your data having been breached. This can include material damage such as if you have suffered financially and non-material damage such as if you have suffered distress and worry as a result of the data breach.
We at Ben Hoare Bell LLP have an experienced Data Protection Law team ready to assist you in claiming compensation if your data has been breached.
We can offer appointments via telephone or at our Newcastle, Gateshead, Sunderland and Middlesbrough offices.