130,000 Eir customers at risk of hack, reset your modems now

6 Dec 201697 Shares

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Image: Mehaniq/Shutterstock

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

A flaw in Eir’s wireless modems has exposed 130,000 customers to a hack, with the company requesting that customers reset their devices to access software upgrade.

“There’s no indication that any data has been accessed or lost,” said Paul Bradley, Eir’s director of communications, when speaking on Morning Ireland today (6 December). However, that’s about as good as the news gets for the company.

A flaw in a chip within two models of its modems – which affects 130,000 customers potentially and 2,000 definitely –means headaches all round.

Eir

For customers with modem models Zyxel D1000 and Zyxel P-660HN-T1A, it’s time to get to work. Eir said it’s busy contacting all of its customers but that could take a little bit of time so, in the meantime, an advisory for all those affected has been posted online.

Eir is basically providing a blow-by-blow account of how to reset modems, change passwords and make them a bit more secure. When they reboot, a software update from Eir should protect users in future.

Eir was originally made aware of the problem after coming across a post about it online. Message boards have been a constant treasure trove of customer monitoring for service providers in recent years.

The vulnerability, at a basic level, involves a port that acts like a gateway to allow Eir to manage the modem. However, as Bradley explained, if it is exposed, then hackers can start pouring malware onto accessed devices.

“In our investigations, we looked to see if there was an indication that some of this malware had established itself in advance of getting the mitigations in place,” said Bradley, with Eir’s initial response coming in late November, after its supplier confirmed the problem.

“[That was when] we found the 2,000 customers,” he said.

Bradley said there’s “no indication” that data has been accessed or lost, which isn’t the same as confirming that no data has been accessed or lost.

“We’re asking all our customers who have these two devices to manually reset the modem. This, in addition to the steps we have taken, will solve the problem.

“Power it down, unplug the broadband connection from the back, power it up, then follow the steps,” he said.

Eir has reported the problem to the Office of the Data Protection Commissioner, An Garda Siochána and to the Communications Regulator, also engaging with the National Cyber Security Centre.

Gordon Hunt is a journalist at Siliconrepublic.com

editorial@siliconrepublic.com