Millions of Sky routers ‘exposed to hackers’ for 18 months – check if yours was affected

MILLIONS of Sky broadband customers were exposed to hackers for up to 18 months, cyber security experts have warned.

A report published last week revealed that around six million Sky routers contained a bug that could have allowed hackers to take over home networks.

AlamyMillions of Sky broadband customers were exposed to hackers for months[/caption]

Cyber crooks could have used the flaw to access devices and personal data, according to the findings from Pen Test Partners.

The flaw has been fixed, but the security researchers said it took the company nearly 18 months to fix the problem.

Sky said it took the security of its customers “very seriously” and had begun working to fix the problem as soon as it was made aware of it.

The bug affected users who had not changed the router’s default admin password – which was simple and easy to guess.

It could enable hackers to easily reconfigure the router and take over a network just by directing the user to a malicious website.

This could then give hackers access to sensitive information including log-in details for online banking and other websites.

According to the researchers, the affected router models were: Sky Hub 3 (ER110), Sky Hub 3.5 (ER115), Booster 3 (EE120), Sky Hub (SR101), Sky Hub (SR203), and the Booster 4 (SE210).

In addition, around 1 per cent of the routers issued by Sky are not made by the company itself and could not be updated with the fix.

But customers who have one can ask Sky to replace it, free of charge.

Pen Test Partners said there was no evidence the flaw had been exploited but criticised Sky for the time it took to fix the issue.

It claimed the internet service provider had repeatedly pushed back deadlines it had set to fix the problem.

The researchers said they understood the initial delay due to the coronavirus lockdown and the challenges facing internet providers because of the “vastly increased network loading as working from home became the new norm”, which it said it did not want to disrupt.

But they said they were concerned by the overall speed of the company’s response, saying they believed Sky “did not give the patch the priority their customers deserved”.

The group also encouraged anyone with a broadband router to change the passwords on it from the ones set by default.

In response, a Sky spokesperson said: “We take the safety and security of our customers very seriously.

“After being alerted to the risk, we began work on finding a remedy for the problem and we can confirm that a fix has been delivered to all Sky manufactured products.”

PA:Press AssociationPen Test Partners said there was no evidence the flaw had been exploited but criticised Sky for the time it took to fix the issue[/caption]

In other news, Apple has announced that it will let customers fix their own iPhones for the first time starting next year.

The UK is fighting an epidemic of hack attacks targeting consumers and businesses, according to officials.

NASA has slammed Russia after a missile it fired into one of its own satellites forced the space station to perform an emergency swerve.

And, a 75-year-old Brit has told of his anger after scammers on WhatsApp fooled him into sending them hundreds of pounds.

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at tech@the-sun.co.uk