Virgin Media, one of the UK’s largest internet service providers, has warned hundreds of thousands of customers that they should change their passwords, after an independent investigation found that some of its home routers were vulnerable to being hacked.
Leading UK consumer advocacy group, Which?, found that hackers could gain access to Virgin Media’s Super Hub 2 cable modem/router devices, allowing online intruders to interact with certain connected devices.
Which?, working with security researchers at SureCloud, found that home CCTV cameras and at least one children’s ‘smart toy’ were among the vulnerable devices. One CCTV system was accessed by SureCloud’s ‘ethical hackers’, using an administrator account on the Super Hub 2 that was not protected by a password. The hackers were able to view live images from inside a home, as well as remotely moving some cameras.
Virgin Media acknowledged the risk, but said that its Super Hub 2 was not the only router of its generation that suffered from the same vulnerability. A spokesperson for the ISP told BBC News:
The security of our network and of our customers is of paramount importance to us.We continually upgrade our systems and equipment to ensure that we meet all current industry standards.We regularly support our customers through advice and updates and offer them the chance to upgrade to a Hub 3.0 which contains additional security provisions.
Which? said that it had found security flaws in eight out of 15 devices that it tested, and had contacted each of the manufacturers to highlight their vulnerabilities.