Virgin Media Under Scrutiny for Email Privacy Breach

Bob Styran, IT audit expert
January 10, 2011 /

British broadband services provider Virgin Media is in hot water after reports came out that its email recycling practice could infringe the email privacy rights and security of its previous customers.

According to reports, Virgin Media has been dishing out email addresses of its previous customers to prospective customers who would register in its website to avail of broadband services.

Experts warned that Virgin Media is exposing its previous customers to data privacy threats as the email recycling practice could possibly give access to outside users to an individual’s personal information including password, thus violating the Data Protection Act.

At issue is the practice that when new Virgin Media customers would fill in registration forms at its website with an email address that has already been used by previous customers, Virgin Media would tell those customers that the email address entered was already in use.

Then the broadband services provider would forward information to the existing email address of that prospective customer containing log in information of the previous customer whose email address was inadvertently entered by a new customer. This could necessarily give the new customer access to personal information of the previous customer such as bank account number, among others.

Virgin Media defended itself, saying that as a policy for leaving customers, information is sent to those customers telling them that their email addresses registered in the company’s website will be phased out and that they should erase links in their email accounts that redirect to other websites with which they have existing connections.

Email addresses are retained for three months until all links are wiped out so previous customers could be assured of their security before recycling their registration information, Virgin Media said.

 

Share your opinion