Virgin Media is in trouble with the UK data protection watchdog after a database of personal details was left unsecured online.
The information, containing the details of around 900,000 people but no financial information or passwords, was accessed on "at least one occasion" by persons unknown according to the company.
However, it goes on to say "we do not know the extent of the access or if any information was actually used".
It's not a hack, as Virgin says the database had been left openly accessible by an employee. It was available for around 10 months. Virgin says that it has informed the Information Commissioner's Office as required by law.
But it wasn't just Virgin customers that have been affected; the database appears to have been a hotch-potch of people including some who Virgin was trying to sign up as part of a 'refer a friend' type arrangement.
Fixed-line customers represented approximately 15 percent of those affected.
Some Virgin Mobile and Virgin Media cable TV customers were included as well, and Virgin says it has now contacted all those affected.
Virgin Media is owned by US media conglomerate Liberty Global.
Lutz Schüler, CEO of Virgin Media said: "We recently became aware that one of our marketing databases was incorrectly configured which allowed unauthorised access.
"We immediately solved the issue by shutting down access to this database, which contained some contact details of approximately 900,000 people, including fixed line customers representing approximately 15% of that customer base.
"Protecting our customers’ data is a top priority and we sincerely apologise."