DORSET Police is issuing advice to Virgin Media customers following a data breach that saw the details of some 900,000 people left exposed online.
Virgin Media has apologised after a data breach left the personal details of around 900,000 customers unsecured and accessible.
The company said that the breach occurred after one of its marketing databases was "incorrectly configured" which allowed unauthorised access.
It assured those affected by the breach that the database "did not include any passwords or financial details" but said it contained information such as names, home and email addresses, and phone numbers.
Virgin said that access to the database had been shut down immediately following the discovery but by that time the database was accessed "on at least one occasion".
It added that it was unsure the extent of the access or if any information was actually used.
It has been reported that the database has been unsecured since April 2018.
A spokesman for Dorset Police Cyber Crime Unit said: "It has recently been discovered that a marketing database containing the personal details of 900,000 Virgin Media customers has been left exposed online. Whilst it’s important to stress that no payment details or passwords are thought to have been leaked, the information available is sufficient to direct a phishing campaign, particularly in the wake of the prolonged outage of Virgin Media services that affected large parts of Dorset over the last couple of days.
"Again, it’s important to stress that we have not received any reports of this, but it is not inconceivable that fraudsters may try to capitalise on this with well crafted phishing emails. To help keep yourself safe, and to find out more about how to spot the signs of a phishing email, head to dorset.police.uk"
In a statement, the company said: "We recently became aware that one of our marketing databases was incorrectly configured which allowed unauthorised access.
"We immediately solved the issue by shutting down access to this database, which contained some contact details of approximately 900,000 people, including fixed line customers representing approximately 15% of that customer base.
"Protecting our customers' data is a top priority and we sincerely apologise.
"The database did not include any passwords or financial details, such as credit card information or bank account numbers, but did contain limited contact information such as names, home and email addresses and phone numbers.
"Based upon our investigation, Virgin Media does believe that the database was accessed on at least one occasion but we do not know the extent of the access or if any information was actually used.
"We are now contacting those affected to inform them of what happened. We urge people to remain cautious before clicking on an unknown link or giving any details to an unverified or unknown party."
Adam French, Which? consumer rights expert, said: "This data breach has exposed the data of almost a million Virgin Media customers and whilst no financial details or passwords were included, those customers are likely to be worried.
"It is vital that Virgin Media continues to provide clear information on what has happened.
"For anyone concerned they could be affected - it's good practice to update your password after a data breach. Also, be wary of emails regarding the breach, as scammers may try and take advantage of it."
Virgin said that online security advice and help on a range of topics is available to customers on its website.
Ernest Doku, telecoms expert at Uswitch.com, said: “Almost a million Virgin Media customers will be rightly concerned to learn that their personal data has been accessible and unsecure since last summer.
“Ten months is a long time for information useful to scammers, like phone numbers and email addresses, to be left available online.
“While it’s fortunate that only one ‘unknown user’ accessed the information in that time, it only takes one person to sell that information to cyber-criminals.
“Virgin Media will undoubtedly review its policies to make sure that this doesn’t happen again, and reassure its customers that their data is safe.
“If you have been affected by this data breach, be wary of any emails from unexpected sources, and never click on any links in messages that you aren’t 100% confident about.”
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here