Virgin Media is urging 800,000 customers to update passwords on their internet routers after an investigation by Which? revealed security flaws.
Over a matter of days, a team of ethical security researchers hired by the consumer group were able to hack into the Virgin Media Super Hub, which acts as a gateway to all smart or wifi-enabled devices in the home.
The router comes with a simple password which users often do not change. Now Virgin Media is calling on affected customers to change both their network and router passwords if they are using the default option shown on a sticker below their router.
The company is also giving customers the opportunity to upgrade their routers to a more up to date version.
A spokesperson for Virgin Media says: “The security of our network and of our customers is of paramount importance to us. We continually upgrade our systems and equipment to ensure that we meet all current industry standards. To the extent that technology allows this to be done, we regularly support our customers through advice and updates and offer them the chance to upgrade to a Hub 3.0 which contains additional security provisions.”
The Which? investigation also highlighted problems with certain smart home gadgets too including wireless CCTV. It commented on a home camera called Fredi Megapix which is run online with a default administrator account that does not require a password. Which? said this was a “real privacy concern” particularly in light of the fact that hackers could pan and tilt the camera to control its view. Which? said thousands of other cameras operate in a similar way. The researchers from SureCloud were also able to hack into children’s toys called CloudPets – stuffed toys that enable family and friends to send messages to the child via Bluetooth.
Always update default passwords
Commenting on the findings, Alex Neill, managing director of home products and service at Which? says: “There is no denying the huge benefits that smart-home gadgets and devices bring to our daily lives. However, as our investigation clearly shows, consumers should be aware that some of these appliances are vulnerable and offer little or no security.
“There are a number of steps people can take to better protect their home, but hackers are growing increasingly more sophisticated. Manufacturers need to ensure that any smart product sold is secure by design.”
Which? recommends users always update default passwords. New passwords should be strong and include a mixture of letters, numbers and special characters.
It also says households should make sure they keep their software and firmware updated to ensure they are benefiting from the latest security. Gadgets should always be connected to a secure wifi network and located away from windows and doors where hackers outside of the property will find them easier to access.