Six million Sky broadband customers exposed to flaw that could let hackers steal bank info

19 November 2021, 15:55

Around six million Sky broadband customers were exposed to a security hack.
Around six million Sky broadband customers were exposed to a security hack. Picture: Alamy

By Sophie Barnett

Around six million Sky broadband customers were exposed to a security flaw that would have allowed hackers to "control millions of hubs for 18 months", a security company has warned.

Listen to this article

Loading audio...

The flaw has been fixed, but the security researchers said it took Sky nearly 18 months to fix the problem.

The bug was uncovered by the security group Pen Test Partners, who said it affected users who had not changed the router's default admin password.

As this is simple and easy to guess, hackers could easily reconfigure the router and take over a network, just by directing the user to a malicious network.

This could then give hackers access to sensitive information including log-in details for online banking.

According to the researchers, the affected router models were: Sky Hub 3 (ER110), Sky Hub 3.5 (ER115), Booster 3 (EE120), Sky Hub (SR101), Sky Hub (SR203), and the Booster 4 (SE210).

Sky said it had begun working to fix the problem as soon as it was made aware of it and it took the security of its customers "very seriously".

Cyber security expert explains what is behind the twitter hack

Pen Test Partners said there was no evidence the flaw had been exploited, but criticised Sky for the time it took to fix the issue.

It claimed the internet service provider had repeatedly pushed back deadlines it had set to fix the problem.

A spokesman for Sky said: "We take the safety and security of our customers very seriously.

"After being alerted to the risk, we began work on finding a remedy for the problem and we can confirm that a fix has been delivered to all Sky manufactured products."

The initial delay to the time it took for Sky to fix the problem was put down to the coronavirus pandemic, researchers said.

It also said it did not want to disrupt the "vastly increased network loading as working from home became the new norm".

But researchers were concerned by the speed - and time it took - for the company to respond, saying they believed Sky "did not give the patch the priority their customers deserved".

If you have a broadband router mentioned above, the research company has advised you change the passwords on it from the default ones set.

More Latest News

See more More Latest News

Exclusive
The Home Office confirmed that 1,194 asylum seekers reached the UK in 18 small boats on Saturday—the highest daily total so far in 2025.

Amber Rudd tells Government to ‘get a grip’ as record 1,194 Migrants cross channel in one day

Exclusive
Former head of the diplomatic service Lord Simon McDonald stressed to LBC's Andrew Marr that NATO 'couldn't force the UK to do anything'.

Former Foreign Office head tells LBC NATO ‘can't force UK to do anything’ but warns of ‘painful cuts’ in spending review

The 46-year-old, who has twice won a national bravery award, then slammed the teenager to the ground and placed his hand over the boy’s face while shouting threats and curse words

Shocking footage shows bravery award-winning officer slam teen armed with knife to ground before being sacked

On March 20, 2022, hundreds of protesters attended a rally in front of Hackney Town Hall, London, United Kingdom, to demonstrate their support for Child Q.

Black schoolgirl was ‘demeaned’ and felt ‘physically violated’ after police strip search while on her period

Sunny Jacobs

Exonerated US death row inmate turned campaigner dies in Irish house fire

Commander Julian Bennett outside a Metropolitan Police misconduct hearing at Palestra House, south east London.

Senior Met officer sacked for second time over refusing drugs test

Just before midnight, after major broadcasters projected that Lee Jae-myung would win the presidency, he made his first public appearance with his wife, Kim Hye-Kyung, in front of the National Assembly to greet his supporters.

South Korea opposition Lee Jae-myung wins election following months of martial law chaos

Police officers cover with an inflatable tent, behind a firefighter vehicle, the tents delimiting the scene of an incident in Water Street.

Four people injured in Liverpool parade can be named as restrictions lifted after horror crash

Search teams look through a derelict and abandoned property to the west of Praia De Luz, Portugal in the search for Madeleine McCann.

Madeleine McCann detectives drain well as police look for toys and DNA in renewed search

Sir Tony Blair spoke at the SXSW festival in London and said Britain needs to embrace AI.

Tony Blair says Britain should have AI doctors and nurses as former PM claims it's 'absurd' not to do more in the NHS

Pipers at the statue to Robert The Bruce during a re-enactment to commemorate the 700th anniversary of the Battle Of Bannockburn.

Controversial trotting track development at historic Bannockburn battlefield site dismissed

Ukraine’s underwater explosion attack on Crimean Bridge caught on camera

Ukraine’s underwater explosion attack on Crimean Bridge caught on camera

Dutch PM Dick Schoof steps down and far-right leader Geert Wilders quits as Dutch government plunged into chaos

Dutch PM Dick Schoof steps down and far-right leader Geert Wilders quits as Dutch government plunged into chaos

Alzheimer’s disease is the most common cause of dementia

Six things you need to know about Alzheimers - as drug trials bring new hope

Police on duty outside Windsor Castle (file image)

Man in his 30s arrested after breaking into grounds at Windsor Castle

Erin Patterson has admitted feeding poison mushrooms to her relatives

'Toxic mushroom' mum Erin Patterson admits feeding death caps to her relatives but denies murder