Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

File Photo Yui Mok PA Archive/PA Images

Eir only became aware of potential security breach after reading about it online

The company will contact 130,000 customers after at least 2,000 modems were breached.

BROADBAND SUPPLIER EIR has confirmed that it has taken every measure to protect customers’ data, but did not rule out the possibility that some customers’ data may have been accessed after a “vulnerability” was found in its modems.

The company will contact 130,000 customers to advise them to reset their modems, and have said that at least 2,000 devices were breached.

As of yet, Eir has no idea who was responsible for the hack and has informed the government and the Data Protection Commissioner on the case.

Speaking on RTÉ’s Morning Ireland, Eir’s director of communications Paul Bradley said that the company became aware of a potential security vulnerability after details surrounding the risks were posted on the internet.

“It came to light because there was a post online,” he said.

Eir raised the issue with their supplier, who confirmed the security risk on 22 November.

“We immediately took steps to protect the customer,” he said. He added that once the suspected malware was found on a number of devices, action was taken to reset the modems and secure the devices and customer data.

What this means is that we have an indication that a third party tried to get unauthorised access. At this time, there’s no indication that any customer data has been accessed.

When pushed on if it was possible customer data may have been accessed that Eir was not yet aware of, Bradley said that could be the case.

Last weekend, it emerged that thousands of Eir customers’ data may be at risk of being stolen because of a fault with a piece of internet hardware, or modem, supplied by the company.

In a statement to TheJournal.ie, Eir confirmed that “approximately 30%” of its modems may have this “security vulnerability”.

“Eir has been made aware of the potential security vulnerability concerning two of our broadband modems, the Zyxel D1000 and Zyxel P-660HN-T1A devices,” they said.

The company is advising all of its customers to reset their modems as a precaution. The 12-step guide to resetting the modem can be found here.

Along with the steps already taken by Eir, resetting the modem “should secure the device and solve the problem,” according to Bradley.

As for who was behind the attack, Bradley said that “we don’t know who was responsible”. He added that Eir has informed the Data Protection Commissioner, the Department of Communications and the government’s cyber security body about the breach.

Read:  30% of Eir broadband customers exposed to cyber attack

Read: New rules will allow you to use Netflix or Spotify unrestricted across the EU

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
38 Comments
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 9:52 AM

    Eir are utterly utterly utterly technically incompetent…

    277
    Install the app to use these features.
    Mute john barnes
    Favourite john barnes
    Report
    Dec 6th 2016, 10:28 AM

    From dealing with these people it is clear to me that the company still has not shaken off the stench of telecom eireann, a lot there still think and act like they’re public servants giving crappy customer service

    148
    Install the app to use these features.
    Mute Shakka1244
    Favourite Shakka1244
    Report
    Dec 6th 2016, 10:34 AM

    @john barnes:

    Changing a company name does not change it’s staff or culture. You can call a shite whatever you want but it’s still a shite.

    133
    See 6 more replies ▾
    Install the app to use these features.
    Mute Mr Phil Officer
    Favourite Mr Phil Officer
    Report
    Dec 6th 2016, 11:42 AM

    Eir heads.

    56
    Install the app to use these features.
    Mute John Considine
    Favourite John Considine
    Report
    Dec 6th 2016, 1:18 PM

    @Get Lost Eircodes: And yet I remember the sea of red thumbs I received for pointing this out to people in multiple comments sections on similar reports to do with compromises of various web-based enterprises.

    Home networking equipment is terrible by default. As someone who works in cyber-security I maintain a decent hardware firewall behind my router and I routinely check the logs of both that and the router itself. Anyone who does the same will see their IP being scanned hundreds of times per day. This includes any devices they are passing through the router, such as webcams, which are directly exposed to the internet.

    As a proof of concept I’ve just done a very cursory scan of the IP range assigned me by my ISP. My tool (not the best one you can get by any stretch) found 23 “Critical” vulnerabilities on just the most common ports and protocols. It looks like just over half of them are hardware devices (webcams or printers etc.) and the rest OS vulnerabilities tied to Win XP.

    Long story short, right now cyber-criminality in the home-sphere is immature but as more and more criminals become tech savvy and more industries increase their cyber-resilience we will see a shift in what is viewed as the lowest hanging fruit. This *will* be a real problem, likely within the next 5-10 years. People relying on their ISP and current behaviour patterns to secure themselves at that point will be in a lot more trouble than they are now.

    29
    Install the app to use these features.
    Mute Lyons
    Favourite Lyons
    Report
    Dec 6th 2016, 1:35 PM

    @Get Lost Eircodes: Actually 900k customers in Deutcshe Telekom and 100k UK customers of TalkTalk and UK Post Office were also impacted by the same issue.
    https://www.bleepingcomputer.com/news/security/mirai-botnet-behind-internet-problems-for-100-000-talktalk-and-uk-post-office-users/
    https://www.rte.ie/news/2016/1205/836708-eir-broadband/

    15
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 1:37 PM

    @John Considine: Well said

    3
    Install the app to use these features.
    Mute Mr Jenkins
    Favourite Mr Jenkins
    Report
    Dec 6th 2016, 3:21 PM

    What about sky modems

    1
    Install the app to use these features.
    Mute Richie Cahill
    Favourite Richie Cahill
    Report
    Dec 6th 2016, 6:28 PM

    @john barnes: takes years to wash that “good enough for government work” stank off.

    3
    Install the app to use these features.
    Mute Les Behan
    Favourite Les Behan
    Report
    Dec 6th 2016, 9:59 AM

    You’d want to be off your head having any dealings with a company as awful as this one.

    100
    Install the app to use these features.
    Mute Hugh Mannatee
    Favourite Hugh Mannatee
    Report
    Dec 6th 2016, 11:07 AM

    In fairness, I’ve been a meteor customer for years and never had a problem with them.

    38
    Install the app to use these features.
    Mute William Clay
    Favourite William Clay
    Report
    Dec 6th 2016, 10:09 AM

    Incompetence doesn’t even scratch the surface. Of course there are individuals who are highly technically minded but as a whole it’s a disaster. Teams, who are supposed to work together, don’t share information or knowledge. And the management? that’s where the incompetence lies. I worked in eircom for 18 months, left due to utter frustration.

    81
    Install the app to use these features.
    Mute Brian Fitz
    Favourite Brian Fitz
    Report
    Dec 6th 2016, 10:43 AM

    Remember the time you could crack any Eircom Wifi because the router’s SSID (wireless network name) was directly related to the Encryption key!

    Change passwords and install firewall’s is my advice for anybody paranoid about their tech security.

    60
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 11:35 AM

    There was even an app for that.

    22
    Install the app to use these features.
    Mute Cormac Laffan
    Favourite Cormac Laffan
    Report
    Dec 6th 2016, 12:05 PM

    @Brian Fitz: This actually sounds like the old “admin” router entry, the reset should prompt a new password. Hard to believe a major provider is still so sloppy, t’was the first port of call back in the day. The “0000″ default on kepads was another one, kids will try anything with tech and rightly so. It’s up to Eir to provide the security, that’s what they’re paid for, the rest is basically just pointing radio signals at a house.
    Cowboys!

    21
    See 2 more replies ▾
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 12:16 PM

    @Cormac Laffan: The database that held the WEP keys for Eircom routers was hacked and put on line, All you had to do was enter the SSID into an iPhone app and it would return the necessary WEP key allowing you immediate access into the WLAN of anyone who had not changed their default SSID.

    19
    Install the app to use these features.
    Mute RandomAct Of Kindnes
    Favourite RandomAct Of Kindnes
    Report
    Dec 6th 2016, 2:27 PM

    Although your world wonders me
    With your majestic and superior cackling hen
    Your pickle I do not understand
    So to you I shall put an end
    Then you’ll never hear surf music again
    Strange beautiful grass of green
    With your majestic silver seas

    Third Stone From The Sun by Jimi Hendrix was the song used in encryption to generate WEP keys.

    4
    Install the app to use these features.
    Mute Daithi De Roiste
    Favourite Daithi De Roiste
    Report
    Dec 6th 2016, 10:57 AM

    Picture this,the CEO and chief Engineer is munching on a sandwich on their lunch break and decides to have a look at the news online and the journalist knows there is a security breach and they don’t!

    41
    Install the app to use these features.
    Mute Jordan Salanger
    Favourite Jordan Salanger
    Report
    Dec 6th 2016, 10:27 AM

    Ok, before ye go any further the issue is with Zyxel, the manufacturers of the modems not EIR. EIR are only one of several reputable ISPs who use zyxel routers.

    35
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 10:46 AM

    @Jordan Salanger: Except they don’t roll out updated firmware as a maintenance practice.

    How old was the firmware on the devices in the wild?

    Fire & Forget is their policy.

    37
    Install the app to use these features.
    Mute Nick Allen
    Favourite Nick Allen
    Report
    Dec 6th 2016, 11:10 AM

    @Jordan Salanger:

    It is eir that selected Zyxel as a partner to provide the modems. It is 100% eir’s responsibility to manage the quality of their supply chain.

    32
    See 1 more reply ▾
    Install the app to use these features.
    Mute Stephen
    Favourite Stephen
    Report
    Dec 6th 2016, 4:47 PM

    Ironically their first modem locked out this flaws open port, then they bought zyxel and nobody gave a toss about security. Who knows about their current modems. Hopefully this new ddos army will attack Eir as punishment. Wonder could you sue Eir if you were attacked by these routers…

    2
    Install the app to use these features.
    Mute Gerry Fallon
    Favourite Gerry Fallon
    Report
    Dec 6th 2016, 9:55 AM

    There’s a lot of( air) in their eir technicians brain.

    35
    Install the app to use these features.
    Mute Shakka1244
    Favourite Shakka1244
    Report
    Dec 6th 2016, 10:33 AM

    I regularly assist friends/family etc with their home networks and PC’s. If they are an Eir customer, 99% of the time I can get straight into the router using the Admin ID. The Admin passwords are all the same by default unless changed by the owner (which is very very rare).

    29
    Install the app to use these features.
    Mute Chief
    Favourite Chief
    Report
    Dec 6th 2016, 10:54 AM

    If you want to assist your friends / family better. Tell them to stop using the outdated router and ask eir for the new one that’s been around for a few years

    27
    Install the app to use these features.
    Mute denis daly
    Favourite denis daly
    Report
    Dec 6th 2016, 1:57 PM

    My internet was hacked, someone put porn in my Internet browser history

    21
    Install the app to use these features.
    Mute P-O-B
    Favourite P-O-B
    Report
    Dec 6th 2016, 12:47 PM

    Should rebrand to Error

    19
    Install the app to use these features.
    Mute Piero Tintori
    Favourite Piero Tintori
    Report
    Dec 6th 2016, 11:04 AM

    Does resetting the modem update the firmware? If not, this isn’t going to solve the problem….

    13
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 11:12 AM

    @Piero Tintori: No it just has to be infected again on the next malware pass, exploit is still there waiting to be infected.

    8
    Install the app to use these features.
    Mute Random_paddy
    Favourite Random_paddy
    Report
    Dec 6th 2016, 5:24 PM

    Eircom business technicians always seem to travel in pairs of vans. I remember one time two vans arrived to my workplace to stick a label on equipment they installed the day previous. Nothing else to be done, apart from a long lunch break. No wonder their services are priced over the top..

    9
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 6:38 PM

    I noticed that too. A tall monkey for high up things and a shortarse monkey for low down things…

    6
    Install the app to use these features.
    Mute OCallaghan TP
    Favourite OCallaghan TP
    Report
    Dec 6th 2016, 6:27 PM

    Eir are without a doubt the worst ever communication supplier in Ireland .. They simply couldn’t give a flying shirt about there customers. .They employ the most untrained un careing staff on the planet. F— them

    8
    Install the app to use these features.
    Mute Mike Nixon
    Favourite Mike Nixon
    Report
    Dec 6th 2016, 11:16 AM

    Only a firmware update will sort this out here’s a link to the guy that found the issue and what the issue is https://devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/

    8
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 11:43 AM

    @Mike Nixon: Interesting link. I see it is dated 7th of November…good to see Eir were quick to act, only took them a month.

    14
    Install the app to use these features.
    Mute eastsmer #IRExit
    Favourite eastsmer #IRExit
    Report
    Dec 6th 2016, 11:09 AM

    Buy a new router with VDSL connection ability.
    If you are going to wait on Eir(com) then you will have problems.

    6
    Install the app to use these features.
    Mute Get Lost Eircodes
    Favourite Get Lost Eircodes
    Report
    Dec 6th 2016, 11:13 AM

    @eastsmer #IRExit: Businesses should go for something closed source & European like a LANCOM. Not some Chinese muck that is leaking like a sieve because it has so many back doors.

    10
    Install the app to use these features.
    Mute dearg doom
    Favourite dearg doom
    Report
    Dec 7th 2016, 1:37 PM

    “The company is advising all of its customers to reset their modems as a precaution. The 12-step guide to resetting the modem can be found here.”
    How are they advising us? By waiting until it’s reported weeks after?

    1
    Install the app to use these features.
    Mute Tosin Williams
    Favourite Tosin Williams
    Report
    Dec 7th 2016, 3:23 PM

    My UPC modem was down last night and other UPC customers in my area couldn’t acces the internet could this be related?

    1
Submit a report
Please help us understand how this comment violates our community guidelines.
Thank you for the feedback
Your feedback has been sent to our team for review.
JournalTv
News in 60 seconds