LONDON — Virgin Media has told 800,000 broadband customers to change the password on their internet routers, to prevent any risk of being hacked.
An investigation by consumer group Which? found Virgin’s Super Hub 2 routers were installed with a simple password, which most people don’t bother to change. In partnership with security researchers SureCloud, Which? was able to hack routers in “a few days.”
Virgin is upgrading its customers to a more secure router, the Super Hub 3, and is advising people to change their passwords.
A spokesman told the BBC: “The security of our network and of our customers is of paramount importance to us. We continually upgrade our systems and equipment to ensure that we meet all current industry standards.
“We regularly support our customers through advice and updates and offer them the chance to upgrade to a Hub 3.0 which contains additional security provisions.”
Hackers also took over a connected kids’ toy
The Which? investigation also found it easy to hack CloudPets, a children’s toy designed to let parents send messages to their kids. The parent records a voice message via the app, then this plays through the toy via Bluetooth.
SureCloud found it was easy for a third-party to hijack the toy and record their own message. In this case, they got a toy cat to order cat food through an Amazon Alexa speaker, but the outcome could be much creepier.
Spiral Toys, which owns CloudPets, did not respond to a request for comment.
SureCloud said it was building on an existing flaw with CloudPets. Earlier this year, a security researcher pointed out it was easy to connect to CloudPets toys and hijack them, either to send your own audio messages or even to act as spying devices. The company also leaked 2 million recordings online, according to Motherboard.
Finally, Which? found that it was also easy to control the Fredi Megapix wireless home camera, panning and tilting it to see what is going on in the house.
If you own an Amazon Echo device though, you can feel reassured. Which? found the Echo more difficult to infiltrate than other smart home devices.
Alex Neill, managing director of home products and services for Which?, said: “There is no denying the huge benefits that smart-home gadgets and devices bring to our daily lives. However, as our investigation clearly shows, consumers should be aware that some of these appliances are vulnerable and offer little or no security.
“There are a number of steps people can take to better protect their home, but hackers are growing increasingly more sophisticated. Manufacturers need to ensure that any smart product sold is secure by design.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.