On the same day yesterday, when the US-based telecom giant T-Mobile admitted a data breach, the UK-based telecommunication provider Virgin Media announced that it has also suffered a data leak incident exposing the personal information of roughly 900,000 customers.
Unlike the T-Mobile data breach that involved a sophisticated cyber attack, Virgin Media said the incident was neither a cyber attack nor the company’s database was hacked.
Rather the personal details of around 900,000 Virgin Media UK-based customers were exposed after one of its marketing databases was left unsecured on the Internet and accessible to anyone without requiring any authentication.
“The precise situation is that information stored on one of our databases has been accessed without permission. The incident did not occur due to a hack, but as a result of the database being incorrectly configured,” the company said in a note published on its website on Thursday night.
According to the notification, Virgin Media said the exposed database was accidentally left unsecured on the Internet from April 19, 2019—that’s almost a year—and was recently accessed by an unauthorised party at least once.
images from Hacker News