Virgin Media shoots itself in foot over phishing attack

VirginMedia2Virgin Media has hit back at Decision Marketing for suggesting its customer data had been accessed by fraudsters, with one senior official even claiming that the information might have been stolen from the customer’s dustbin, even though she has paperless billing.
The move follows last week’s story, in which we reported that one Decision Marketing reader had been the victim of a potential phishing attack.
The cold-call fraudster, who appeared to be from an Indian contact centre, said he was phoning from Virgin Media about an upgrade. He had all the reader’s personal information, including her name and address, account number and details of the TV package she had signed up to, her last payment date and amount paid.
The only part of the jigsaw which was missing was the bank account details, which he then tried to obtain fraudulently by offering discounts if the reader paid by direct debit.
However, when our reader contact Virgin Media, one official said: “You have no evidence that they were using our data; they could have stolen the details from your dustbin.”
When the reader pointed out she was on paperless billing another Virgin Media official said: “Well, maybe your hotmail account has been hacked, and they have got your details from there.”
The first official then claimed the company’s fraud team had looked at the account and there was no evidence to suggest the account or Virgin Media’s systems had been breached.
However, the potential fraudster only had part of the customer’s data, which would suggest that they had gained access from another source, possibly even a third-party supplier.
A Virgin Media spokesperson said:  “It’s untrue and misleading to suggest our customer database has been fraudulently accessed. We’re investigating this case and will liaise with the customer directly.
“We take the security of our customers’ personal information extremely seriously and advise our customers how to protect themselves from fraud with information on our website, as well as reporting any fraudulent incidents to Action Fraud.”
Our reader has now reported the matter to the Information Commissioner’s Office.
She said: “To somehow make out it is my fault is outrageous. Having worked in the data industry for more years than I care to mention, I do know something about this stuff; the fraudster must have got my details from somewhere, even if it wasn’t directly from Virgin. You have to wonder how many other people Virgin Media are batting off by claiming it is the customer’s fault.”

Related stories
Scammers access Virgin Media data for phishing attack
TalkTalk fined £100,000 over India call centre failings
25 million UK adults in the dark over theft of their data
Stephen Fry on alert as toffs’ data is stolen from club
Uber faces long arm of the law over 64m data breach
Finance firms face sustained attack on their data vaults
FCA launches investigation into Equifax breach farce
Millions of Instagram users hit by major hack attack
Data breach at games giant CeX hits 2m customers
Data breaches ‘hit shares, sales and growth for years’

Print Friendly