Virgin Media is likely to be in the General Data Protection Regulation (GDPR) crosshairs after disclosing a recent breach that affected approximately 900,000 customers to the U.K.’s data regulator.
Virgin on Thursday confirmed the breach in a press release. According to an email sent to affected customers, a marketing database with customer information was left open for access from at least April 19, 2019, to when the company was “recently” made aware of the cyber-security lapse and shut down access—a period of roughly 10 months.
