
Account breached... what steps do Virgin Media take?

Following on from this post:, I'm curious what steps Virgin Media take when they suspect an account has been breached.

In that particular thread, it appears VM have advised the customer to use TLS in a letter around 2 weeks post-breach. Unless @7WalnutClose has skipped over the rest of the letter, this sounds like a ludicrous response.

Surely, it'd be prudent to either lock the account (such that no further spam can be sent) or force a password reset and then advise the customer to use a secure protocol in future?

With that in mind, can someone at VM explain the process of alerting customers of a potential breach please?

WRT: security/TLS...

I'm all for promoting the use of TLS, however much of VM's infrastructure is woefully configured... and in many cases, completely & utterly insecure.

For example, the TLS certificate on, & are all invalid (expired, wrong common name, SHA1 signed, weak cipher suites et al).  Quite how your admins have missed a cert which expired in 2015, I'll never know.

Another example: ( ... it's vulnerable to LuckyNegative20/FreezerBurn and as such, is insecure... and yet you process personal data, payments & orders via that endpoint.  Again, this has been the case since May 2016 and with a CVSS BS of 5.9, it's something which should have been patched almost immediately.  None of the email service endpoints are HIPAA/NIST compliant either, for various reasons (typically a lack of stapling/protocol support).


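As an added example that is not part of the post above and has nothing to do with any host Virgin Media operates, the following standard-library Python script audits a TLS endpoint for the certificate and cipher defects the post lists: an expired certificate, a certificate issued for the wrong name, a weak protocol version and a weak cipher suite. The two sample certificates, the hostnames ending in `.example.invalid`, the dates and the `SAMPLE_NOW` audit date are all constructed for the demonstration. The offline functions take the dict shape that `ssl.SSLSocket.getpeercert()` returns, so they can be exercised without a network; `audit_live()` performs the real handshake.

```python
"""Audit a TLS endpoint's certificate and negotiated parameters for the
defects listed above (expired cert, name mismatch, weak protocol, weak
cipher suite).  Standard library only.  Offline functions accept the dict
returned by ssl.SSLSocket.getpeercert() so they can run without a network."""
import socket
import ssl
from datetime import datetime, timezone

WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# Substrings of OpenSSL/IANA cipher names that mark a broken or export-grade suite.
WEAK_CIPHER_MARKERS = ("RC4", "3DES", "DES-CBC", "NULL", "EXP", "MD5", "ANON", "ADH", "AECDH")

# Constructed sample certificates in getpeercert() shape; not real hosts.
SAMPLE_EXPIRED_CERT = {
    "subject": ((("commonName", "webmail.example.invalid"),),),
    "issuer": ((("commonName", "Example Issuing CA"),),),
    "notBefore": "Jan 01 00:00:00 2013 GMT",
    "notAfter": "Jun 30 23:59:59 2015 GMT",
}
SAMPLE_GOOD_CERT = {
    "subject": ((("commonName", "example.invalid"),),),
    "subjectAltName": (("DNS", "example.invalid"), ("DNS", "*.example.invalid")),
    "notBefore": "Jan 01 00:00:00 2016 GMT",
    "notAfter": "Jan 01 00:00:00 2018 GMT",
}
# Constructed audit date so the offline checks are reproducible.
SAMPLE_NOW = datetime(2016, 5, 1, tzinfo=timezone.utc)


def _cert_time(value):
    """Parse the 'Mon DD HH:MM:SS YYYY GMT' strings found in getpeercert() output."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(value), timezone.utc)


def _hostnames_from_cert(cert):
    """DNS names the cert is valid for: SAN entries, falling back to the CN."""
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            names.extend(value for attr, value in rdn if attr == "commonName")
    return names


def _matches(pattern, hostname):
    """RFC 6125-style match: exact, or a single leading wildcard label."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if pattern.startswith("*.") and "*" not in pattern[2:]:
        return hostname.split(".", 1)[1:] == [pattern[2:]]
    return False


def audit_peer_cert(cert, hostname, now=None):
    """Return findings for `cert` as presented by `hostname` at time `now`."""
    now = now or datetime.now(timezone.utc)
    findings = []
    if now > _cert_time(cert["notAfter"]):
        findings.append(f"expired: notAfter={cert['notAfter']}")
    if now < _cert_time(cert["notBefore"]):
        findings.append(f"not yet valid: notBefore={cert['notBefore']}")
    names = _hostnames_from_cert(cert)
    if not any(_matches(n, hostname) for n in names):
        findings.append(f"hostname mismatch: {hostname} not in {names}")
    return findings


def audit_tls_params(protocol_version, cipher_name):
    """Flag deprecated protocol versions and known-weak cipher suites."""
    findings = []
    if protocol_version in WEAK_PROTOCOLS:
        findings.append(f"weak protocol: {protocol_version}")
    if any(marker in cipher_name.upper() for marker in WEAK_CIPHER_MARKERS):
        findings.append(f"weak cipher suite: {cipher_name}")
    return findings


def _handshake(host, port, timeout, ctx):
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.version(), tls.cipher()[0], tls.getpeercert()


def audit_live(host, port=443, timeout=5.0):
    """Audit a real endpoint.  A verified handshake is tried first; if the cert
    fails verification (expired, wrong name, untrusted issuer) that is recorded
    and the handshake is retried unverified so protocol and cipher can still be
    inspected.  Note getpeercert() returns {} when verification is disabled."""
    findings = []
    ctx = ssl.create_default_context()
    try:
        proto, cipher, cert = _handshake(host, port, timeout, ctx)
        findings += audit_peer_cert(cert, host)
    except ssl.SSLCertVerificationError as exc:
        findings.append(f"verification failed: {exc.verify_message}")
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        proto, cipher, _ = _handshake(host, port, timeout, ctx)
    findings += audit_tls_params(proto, cipher)
    return findings


if __name__ == "__main__":
    for f in audit_peer_cert(SAMPLE_EXPIRED_CERT, "mail.example.invalid", SAMPLE_NOW):
        print("finding:", f)
    for f in audit_tls_params("TLSv1", "RC4-SHA"):
        print("finding:", f)
```

Two of the complaints in the post are deliberately not covered here: Python's `ssl` module does not expose the certificate's signature algorithm (so a SHA-1 signature cannot be detected from the `getpeercert()` dict) nor the stapled OCSP response. For those, `openssl s_client -connect host:443 -status` shows whether a stapled response was returned, and piping the presented certificate through `openssl x509 -noout -text` shows the signature algorithm.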