Virgin Media announced Thursday (March 5) that the personal details of 900,000 customers had been accessed by a third party as the company left a marketing database unsecured for months, according to the Financial Times.
Britain’s second-largest broadcast company, which is owned by billionaire John Malone’s Liberty Global, has been dealing with the problem all week as it discovered that the database in question had never been secured properly.
The breach was one of the largest in the U.K. as of late due to the sheer volume of customers affected.
Virgin Media stated in response to the incident that the breach was caused by a staff member not following the proper directions, and said the incident was not a cyberattack.
But the marketing database was accessed by at least one person outside of the company, and it had been left open since around April of last year. The issue was only rectified last week.
CEO Lutz Schüler said there was “no evidence” that the data of any customers had been used for illicit purposes while speaking on the sidelines of a London media conference.
The data breach affected roughly 15 percent of the company’s fixed line user base, and some Virgin Mobile users were also included. Non-Virgin Media users could have also been affected as the database included some “refer a friend” promotions. The information didn’t include passwords or financial details, but did include email addresses, phone numbers and details of their contract with the company, which could be valuable to fraudsters who could use the details to directly contact customers.
That could lead to the fraudsters posing as Virgin Media staff and using the information to con customers out of money.
Fraud and hacking scandals have become more commonplace in the modern world as data is increasingly moved onto online databases.