January 20th 2014
Some 350,000 customers affected by the issue, with hackers able to gain access to a customer’s Wi-Fi password.
ISP EE has announced that it will release a security update to its Bright Box 1 and 2 broadband routers before the end of the January. The move comes after a discovery that a security vulnerability in the routers could lead to customers' personal details being exposed.
The problem affects EE's 350,000 customers who own either route. It was revealed by technology researcher Scott Helme, who found that by gaining someone’s Wi-Fi password, a hacker would obtain sufficient access to gain administrator-level control, potentially revealing the customer's personal details. The hacker could then, for example, call EE directly posing as the customer and cancel their broadband package.
An EE spokesperson said: “As is the case for all home broadband customers, regardless of their provider, it is recommend they only give network access to people they trust. Customers should also be suspicious of any unsolicited emails and web pages, and keep their security software up to date." The spokesperson added: “We treat all security matters seriously, and while no personal data will be compromised by the device itself, we would like to reassure customers that we are working on a service update which we plan to issue shortly, and which will remotely and automatically update customers’ BrightBoxes with enhanced security protection.”