Brsk Broadband Data Breach – 230,000 Customers Affected

Summary

  • Brsk has confirmed unauthorised access to one of its customer database systems, used for new broadband installations.
  • A threat actor is reportedly selling a Brsk customer dataset with 230,105 records on a hacking forum.
  • Personal details such as names, contact information and installation details appear in the leak, but not bank data or passwords.
  • Brsk has informed regulators and is offering affected customers 12 months of free Experian monitoring.
  • Customers are being urged to stay alert for scam calls, texts and emails that misuse the stolen data.

Full Fibre broadband provider Brsk has disclosed a serious data breach affecting one of its customer systems, after cyber security watchers spotted a Brsk database being advertised on a hacking forum. The dataset reportedly contains more than 230,000 customer records, and while payment details and passwords are not thought to be involved, the leak includes enough personal information to fuel phishing and scam attempts

Brsk Router

What has happened to Brsk’s customer data?

Brsk, an alternative full fibre broadband provider that merged with Netomnia’s fibre network last year, says a third party gained unauthorised access to one of its customer database systems. The affected system is used to process new installations on the Brsk network, so it holds contact and order details rather than core network data.

The incident came to light after dark web monitoring groups reported that a threat actor was advertising a Brsk customer database containing 230,105 records on a hacking forum. The seller is said to have posted a sample of the data and invited interested buyers to negotiate a price via direct message.

Brsk has confirmed the incident in a statement and in emails sent to customers. The provider says it has locked down the affected system, removed the data from that environment and activated its internal security processes. Broadband services themselves are not affected and Brsk’s network continues to operate as normal.

What data appears to be in the Brsk leak?

Based on the dark web listing and Brsk’s own communication with customers, the exposed dataset appears to contain a wide range of personal details:

  • Name and surname
  • Email address
  • Phone number
  • Physical address
  • Installation and booking information
  • Internal Brsk ID numbers and location data

Some reports also suggest that the records indicate whether a customer is considered vulnerable, for example people with telecare equipment or those flagged as needing extra support. That kind of flag can be especially sensitive because it may help criminals target people who are more likely to respond to scam calls or messages.

Brsk is clear that the affected system did not contain any financial information. Bank details, card numbers and payment data were not stored there, according to the provider. The company also says that broadband account passwords and login credentials were not part of this database.

Even without direct financial information, a dataset containing accurate names, contact details and service history can still be valuable to attackers. It can be used to make phishing emails and scam calls sound more convincing, because the person on the other end appears to know genuine information about your broadband service.

How has Brsk responded?

In its statement to customers, Brsk says it is treating the incident with “the highest level of seriousness”. The steps it outlines include:

  • Locking down the affected system as soon as the breach was discovered.
  • Removing customer data from that environment.
  • Bringing in specialist security partners to run a detailed investigation.
  • Notifying the Information Commissioner’s Office (ICO), the police and other relevant authorities.

Brsk stresses that the system hit by the breach is separate from its core network and operational infrastructure. In other words, the fibre network that delivers broadband and the systems that keep the service running are not part of the compromised platform.

The provider also says there is, at this stage, no evidence that the stolen data has been misused. However, once a dataset is advertised on a hacking forum, it can be difficult to track exactly where it travels and how it might be combined with other leaks, so this point should be treated with caution.

Free Experian monitoring for affected customers

To support customers caught up in the breach, Brsk is offering 12 months of free personal, financial and credit monitoring from Experian, one of the UK’s major credit reference agencies.

In practical terms, these kinds of services usually do three main things:

  • Monitor your credit file for new applications and unusual activity.
  • Scan parts of the web and dark web for your personal details showing up in known data dumps.
  • Send alerts if they spot patterns that could suggest identity fraud or account takeover.

Brsk says it has already contacted affected customers with instructions on how to redeem the Experian monitoring. If you receive such an email, it is worth checking carefully that it comes from a genuine Brsk domain before following any links, then enrolling within the stated time window.

Why a broadband data breach matters even without bank details

Telecoms and broadband providers hold detailed information about households: names, phone numbers, email addresses, exact locations and service history. That makes their systems a target for criminals who want reliable data for social engineering and scams.

For Brsk customers, the most likely risks are:

  • Phishing emails that refer to real details such as your name, premises and recent installation, making them more convincing.
  • Scam calls from people claiming to be Brsk or another utility, using genuine information from the leak to build trust before asking for bank details or one-off payments.
  • Attempts to link the Brsk data with other leaked datasets to build a more complete profile, for example combining contact details with previously stolen login information from other companies.

If vulnerability flags are included in the stolen dataset, those customers may need to be especially careful. People who rely on telecare or who are flagged as needing additional support might receive calls or emails that try to exploit that status.

How this compares to previous UK telecoms breaches

The Brsk incident is the latest in a series of data breaches involving UK telecoms companies. The most high-profile case was TalkTalk’s cyber-attack in 2015, which exposed details for around 157,000 customers and led to a £400,000 fine from the ICO after a lengthy investigation.

More recent cases, such as the ongoing investigation into Lyca Mobile’s 2023 data breach, show that telecoms-related incidents can take years to work through the regulatory process. There is usually a long gap between the first disclosure of a breach and any final enforcement outcome.

At this point, there has been no decision by the ICO on Brsk’s case. Any fine or enforcement action would depend on the findings of the investigation, including how the breach happened, what security measures were in place and how Brsk has responded since discovering the problem.

What Brsk customers should do now

If you are a Brsk customer, it is sensible to assume your contact details may be part of the exposed dataset and act accordingly, even if you have not yet received a notification email.

Practical steps include:

  • Look for the official email from Brsk explaining the incident and how to sign up for the Experian monitoring. Check the sender address and, if in doubt, go directly to Brsk’s website rather than clicking links in the message.
  • Consider enrolling in the free Experian monitoring to keep an eye on your credit file and personal data over the next year.
  • Treat any unexpected emails, texts or calls that claim to come from Brsk, banks or other providers with caution, especially if they ask for passwords, one-time codes or card details.
  • If someone calls you claiming to be from Brsk, hang up and call back using the number on Brsk’s official website or your latest bill.
  • Keep an eye on your bank and card statements for suspicious transactions, even though Brsk says no payment details were stored on the affected system.

Brsk states that it will never ask for financial information, passwords or login details by phone, email or text. If you receive any request like that, treat it as a red flag.

What this means for the wider full fibre market

Brsk is one of a growing number of alternative network providers building full fibre across parts of the UK, alongside names such as Hyperoptic, Community Fibre and others. As these companies sign up more customers, their responsibility for looking after personal data grows alongside their network footprint.

This incident is a reminder that smaller full fibre providers are subject to the same data protection rules as the major ISPs. Customers should expect strong security and clear communication when things go wrong, regardless of whether they buy broadband from a challenger brand or a household name.

For now, the priority for Brsk customers is to stay alert, make use of the free monitoring on offer, and treat any unexpected contact with caution. Longer term, the outcome of the ICO’s investigation will show how regulators view this breach and what further steps Brsk may need to take.

Leave a comment

Find Better Broadband Deals Today

Compare full fibre, fibre, and bundle offers. Find the best value deals from top UK providers. Save money while upgrading your connection.
See deals

Our broadband comparison tool is powered by Decision Technologies Ltd., registered at 1 Dean Street, London, W1D 3RB.

Broadband installation
Privacy & Cookie Policy Terms & Conditions Contact Us