Negligence will aggravate Virgin Media fine, lawyers warn

Negligent data management at Virgin Media has exposed the personal details of 900,000 of its customers, after a database was left unsecured for ten months, and during which period was accessible online.

The database, was had been "incorrectly configured" by a member of staff, was a marketing database containing telephone numbers, home and email addresses.

Partner at city law firm DMH Stallard, Jonathan Compton says the company can expect a large fine.

"One of the key principles of the 1998 Act and the more recent EU based Data Protection Act 2018 is the obligation on data handlers to keep that data secured. The Virgin Media database was accessed at least once and the company is not able to tell the identity of the user concerned.

"It is important to note that this was not a case of a secure database being hacked. No, this was an “error by a member of staff not following correct procedures”.

"The maximum fine under the 1998 Act for data transgressions during the period that that Act was in force was £500,000. Under the new Act, the penalties rise to E20m or 4% of global turnover, whichever is the greater.

"Fines towards the maximum of the applicable Act are likely. This was a serious breach, over a long period, affecting nearly 1 million people. The situation is aggravated by the fact that this was not the result of a hack but the result of negligence."

Cyber security specialist at ESET, Jake Moore said leaving data insecure “should seriously be a thing of the past” but that this major gaffe shows that some companies are completely unaware of exactly where their data is and how vulnerable it may be to cyber attacks.

“Whilst no passwords or bank details were under any risk of compromise, this is still enough for a cyber criminal to take advantage of. Usually, the next step for attackers will be to follow up with phishing emails enticing customers to divulge further information. Coupled up with Virgin’s broadband outage in the week, this could be a particularly good target for malicious actors to prey on,” he added.

    Share Story:

Recent Stories

Are property insurers ready for timber
The Structural Timber Association is gearing up to help all stakeholders in the construction supply chain to fully appreciate the advantages of building in timber, how to deliver such projects and most importantly to understand and manage the risks.

The changing face of BC and WAR
The working environment has changed quite dramatically for many over the last six months. With social distancing and the rise of homeworking, it is not just how businesses operate that has changed, but also how they recover. In this podcast we discuss some of the challenges created by the quick shift to home working, why the office may not have seen its last days and how the current environment can impact the ability of a business to recover.