#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 7°C Sunday 28 February 2021

30% of Eir broadband customers exposed to cyber attack

There are apparently hundreds of thousands of security attacks every week, but few are ever reported.

File photo.
File photo.
Image: PA Wire/PA Images

THOUSANDS OF EIR customers’ data may be at risk of being stolen because of a fault with a piece of internet hardware, or modem, supplied by the company.

Earlier this month, their system was reportedly hacked, exposing a security gap.

When contacted by TheJournal.ie, Eir confirmed “a portion of our broadband modems, approximately 30%, may have this security vulnerability”:

Eir has been made aware of the potential security vulnerability concerning two of our broadband modems, the Zyxel D1000 and Zyxel P-660HN-T1A devices.

“We have been working with Zyxel, the supplier, and we have deployed of a number of solutions both at the device and network level which will remove this risk.”

“All of the potentially affected modems are now protected with the network mitigation we have taken. We continue to deploy the firmware patch.”

By September of this year, Eir reported that there were 867,000 customers signed up to their broadband service.

shutterstock_269403968 Source: Shutterstock/Korn

Although other broadband suppliers such as Virgin and Three said that the same security risk does not apply to them, there could be issues for those who already had these modems before joining a network.

In a statement released to TheJournal.ie, Vodafone said that although they don’t distribute ZyXEL D1000 modems, anyone who had one of these modems before becoming a customer of theirs could be at risk.

“Only a small number of Vodafone customers using these older third party modems are potentially affected in this case. The majority of Vodafone customers use Vodafone managed devices.”

But CEO of Cyber Risk International Paul C Dwyer said that the issue of device vulnerability is much more widespread than people realise, with “hundreds of thousands of cyber attacks” occurring every week.

“People don’t update their devices because they don’t have time, or they don’t know how.

There’s a grey area over who is responsible to maintain these systems – is it the user, or is it the company?

“When you’re robbed on the street, something is physically taken off you, so you know you’ve been robbed. But online, they duplicate your data, so there’s not the same awareness out there – someone could be selling a bundle of your information on The Dark Web [or the black market of the internet] and you wouldn’t know it.”

The reason people aren’t aware of it, he says, is that the attacker often demands secrecy.

He says that two of the most common forms of hacking is ‘ransomware’, where a piece of software blocks access to your computer until a sum of money is paid; and bringing a user to a sight that might look like a duplicate of their bank’s but is in fact a ruse to get their banking details.

shutterstock_85837603 Source: Shutterstock/Ollyy

Security advice

As well as the additional measures Eir has taken to secure their systems, they recommend that “customers with these modems should change the administration password for the modem as well as their WiFi password”.

Instructions on how to do this are available on the customer support section of their website, as well as the user guide issued with the modem.

Eir has reported the security vulnerability to the Office of Data Protection Commission and Commission for Communications Regulation, which they are obliged to do once a security breach is detected.

Read: Radio show allowed special needs children to be called ‘mongos’

Read: New rules will allow you to use Netflix or Spotify unrestricted across the EU

About the author:

Read next:


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel