What happened?
We recently became aware that some personal information, stored on one of our databases has been accessed without permission. Our investigation is ongoing and we have contacted affected customers and the Information Commissioner’s Office.
The database was used to manage information about our existing and potential customers in relation to some of our marketing activities. This included: contact details (such as name, home and email address and phone numbers), technical and product information, including any requests you may have made to us using forms on our website. In a very small number of cases, it included date of birth. Please note that this is all of the types of information in the database, but not all of this information may have related to every customer.
To reassure you, the database did NOT include any passwords or financial details, such as bank account number or credit card information.
We take our responsibility to protect personal information seriously. We know what happened, why it happened and as soon as we became aware we immediately shut down access to the database and launched a full independent forensic investigation.
How will I know if I’ve been affected?
We’ve contacted all the affected individuals with the advice on what to do next.
Was this a cyber-attack?
No, this was not a cyber-attack.
Has Virgin Media been hacked?
No, our database was not hacked.
I’m concerned that people might try to email or phone me to steal my personal information. What can I do?
This is called phishing, which is when people try to persuade people to tell them their personal information, often through an email or phone call. Please remember:
- Virgin Media will never call or email you to ask for bank account details.
- If you ever receive a call, claiming to be from us, please report it to us straight away.
- If you receive an email that you are concerned about, don’t click on any links, open any documents or reply to it. You can get some more advice here:
www.getsafeonline.org/protecting-yourself/spam-and-scam-email/
www.virginmedia.com/help/what-is-phishing
I’m worried my data might have been included in this incident, could someone steal my personal information and use it without my permission?
We’ve contacted all the affected individuals with the advice on what to do next. For clarity, no financial details or passwords were included in the database which was accessed.
Identity theft is when someone uses someone else’s personal information to obtain goods, services or money without permission. Examples of identity theft include taking out a credit card or ordering products in someone else’s name. In this case, no financial details or passwords were included in the database which was accessed. However, if you think you have been the victim of identity theft, you should:
Contact Action Fraud if you think that a fraud has been committed at https://www.actionfraud.police.uk/
What is Virgin Media doing to tackle this?
We take our responsibility to protect your personal information seriously. We know what happened, why it happened and as soon as we became aware we immediately shut down access to the database and launched a full independent forensic investigation. We have also informed the Information Commissioner’s Office.
Were any passwords stored in the database?
No passwords were contained within the database. However it is always a good idea to make sure that your passwords are strong and not easy to guess. We have created a help page with advice on how to set a strong password.
Were any financial details stored in the database?
No financial details, such as bank account number or credit card information, were included in the database.
However, if you think you have been the victim of identity theft, you should inform your bank, building society and credit card company of any unusual transactions you see on your statement, or any information you receive about applications made in your name.