Security News > 2020 > March > Virgin Media Accused of Downplaying Security Incident
Virgin Media has been accused of downplaying the recently disclosed cybersecurity incident that involved the personal information of roughly 900,000 people.
UK-based phone, TV and broadband services provider Virgin Media started informing customers and potential customers last week that some of their personal information was exposed as a result of a misconfigured marketing database.
The security firm also believes that the incident demonstrates Virgin Media's poor cybersecurity practices.
"Out of the approximate 900,000 people affected by this database incident, 1,100, or 0.1%,had information included relating to our 'Report a Site' form. This form is used by customers to request a particular website to be blocked or unblocked - it does not provide information as to what was viewed and does not relate to any browsing history information," a Virgin Media spokesperson told SecurityWeek.
"We strongly refute any claim that we have acted in a disingenuous way. In our initial notification to all affected people about this incident we made it clear that any information provided to us via a webform was potentially included in the database. All individuals have been given details on how they can get in touch with us directly to address any queries, or for support and advice. We will be further contacting customers, where appropriate, to provide additional guidance," they added.