Virgin Media data breach 'could link customers to pornographic sites'

Tom McArthur
Page editor
A Virgin Media employee delivering a digital tv reciever. (Photo by: Newscast/Universal Images Group via Getty Images)

An unsecured database that left the personal details of almost one million Virgin Media (LBTYA) customers accessible to unknown parties allegedly contained data that could link customers to pornographic sites.

Virgin media apologised for the breach on Friday, which affected around 900,000 customers, and insisted that “limited contact information” had been accessed.

However TurgenSec, the cyber security company that discovered the breach, said the database included details of explicit and violent content.

These included "requests to block or unblock various pornographic, gore related and gambling websites, corresponding to full names and addresses," according to TurgenSec.

Read more: Toxic ideas of masculinity are bad for all employees

Information about customer subscriptions to the different aspects of Virgin Media services, including premium components, was also left accessible.

The database was reportedly left unsecured since April 2019.

A Virgin Media spokesman said: "Out of the approximate 900,000 people affected by this database incident, 1,100, or 0.1%, had information included relating to our Report a Site form.

"We strongly refute any claim that we have acted in a disingenuous way. In our initial notification to all affected people about this incident, we made it clear that any information provided to us via a webform was potentially included in the database.

"All individuals have been given details on how they can get in touch with us directly to address any queries, or for support and advice. We will be further contacting customers, where appropriate, to provide additional guidance.

Read more: Virgin Atlantic bosses to take 15% pay cut in coronavirus response

"In addition, we are currently building a bespoke, secure online tool which will allow any individual to find out if they are affected and which data types relating to them was included in the database.

"We once again apologise to those who have been affected."