Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm a Virgin Media customer in the UK. My home internet connection stopped working recently and (long story short) in dealing with trying to fix it, it turns out my main login password for their service can be accessed by support staff. This means the password is being stored in plaintext.

I was contacted to ask about how customer services dealt with me and I stated how unbelievably insecure their (my!) data must be. This was the straw that finally broke my password insecurity camel's back - I now use KeePass to generate all my passwords.

I wonder if any big telcos actually treat customer data appropriately?



I use Virgin Media, but I'm not sure what you mean by 'password for the service'.

AFAIK you don't need a password to access the internet , just plug the cable modem in.

There is a password that you create which is used to call customer support, but AFAIK it's only used by the callcenter.

It's also worth noting that Virgin Media is nothing to do with virgin mobile, Virgin Media is still operated by the old telewest/NTL but they bought the Virgin branding.


I know the branding can act as a mask over different companies e.g. Sony VAIOs http://www.pcpro.co.uk/news/357289/sony-announces-division-t.... As you point out we're going from US mobile to UK broadband. But the point of the brand is to give consumers confidence in a consistent level of service and I thought it vaguely relevant to mention my experience.

Yes, by password for their service I mean the password chosen for my @virginmedia.com login where I can access/pay bills, look at phone calls made etc. I imagine if I had a TV package with them there would be other things I could do via their website.

I was pretty shocked that anyone - staff or otherwise - had access to my password.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: