Virgin Media fires password change warning to 800,000 users over smart home hacking risk

UK ISP Virgin Media has fired off a warning to some 800,000 customers, advising them to change their passwords and update their router due to a smart home hacking risk.

The flaw was discovered during a Which? investigation and relates to Virgin Media’s old-gen Super Hub 2 router.

The independent consumer advocacy group, working alongside white hat hackers from security firm SureCloud, found that it was possible to use the Wi-Fi router to gain access to various smart home devices, including a connected toy and home security cameras.

Related: Best routers

In one instance, the hackers were able to use an unprotected admin account to hijack CCTV cameras, giving them access to live footage from inside a house as well as remote control of the system.

Virgin Media downplayed the risk as ‘small’, but the findings were still enough to prompt the ISP to advise a hefty 800,000 of its users to change their passwords – and upgrade to the more recent Super Hub 3.0 router where possible.

A spokesperson told the BBC:

“The security of our network and of our customers is of paramount importance to us.

“We continually upgrade our systems and equipment to ensure that we meet all current industry standards.

“We regularly support our customers through advice and updates and offer them the chance to upgrade to a Hub 3.0 which contains additional security provisions.”

Virgin Media also pointed out that the vulnerability wasn’t unique to Super Hub 2 devices – security flaws were discovered in eight of the 15 devices tested by Which? and SureCloud. Interestingly, the Amazon Echo was one of the appliances that proved difficult to breach.

Whatever the case, if you’re a Virgin Media customer, it’s probably a good idea to follow the company’s advice and give your passwords a refresh.

Related: Best password manager

Are you concerned by the Virgin Media ‘hack’? Let us know in the comments below.