Irish users safe as Virgin UK warns customers to change passwords immediately

23 Jun 2017

Virgin Media. Image: Jason Batterham/Shutterstock

A report into a Virgin Media device has spooked the company, with up to 800,000 UK customers advised to change their passwords immediately.

Keeping default passwords as protection for your devices is a terrible idea. It always has been, always will be.

The latest evidence of this comes from the UK, where a Which? investigation into Virgin Media’s Super Hub 2 router found that it was vulnerable to hacking.

How? If default passwords are used by customers, the devices can be accessed “in a matter of days”, according to the study.

“Using publicly available hacking tools that can be found on the web, we were able to crack the router password in just a few days,” said Which?.

“We were also able to log into the router’s configuration page, since the default password for doing so is shared across all Super Hub 2 devices.”

Potential nightmare

Given that routers are essentially access points to entire home networks in many cases, a hack of this kind is highly unwelcome.

Virgin, for its part, is immediately contacting customers who have the router – a reported 800,000 in the UK – to tell them to change their passwords to something more robust.

“The security of our network and of our customers is of paramount importance to us,” said Virgin in a statement.

“We continually upgrade our systems and equipment to ensure that we meet all current industry standards.

“To the extent that technology allows this to be done, we regularly support our customers through advice, firmware and software updates, and offer them the chance to upgrade to a Hub 3.0, which contains additional security provisions.”

Ireland is safe

This specific issue doesn’t extend beyond UK borders, with Virgin’s Irish operation using different routers. But, even still, users would be best served by steering clear of default passwords here, too.

“If you have a Super Hub 2 in your home, don’t panic. The chances of you being hacked are still, thankfully, very low,” said Which?.

The standard advice on new passwords remains: keep it long, with a mixture of cases, characters, special characters (* or ; for example) and numbers.

Virgin Media. Image: Jason Batterham/Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com