Sky customers told to change password following possible data breach

News
By last updated

Suspected email breach leads to security worries for Sky

(Image credit: Shutterstock)

Sky customers have been told to change their passwords immediately, raising fears that the company may have been hit by a data breach.

The company has sent out emails to customers across the UK urging them to reset their passwords as part of a "security measure".

The email contains a link for users to choose a new passwords as Sky has had to change their existing logins, raising fears that the company has suffered some kind of breach or attack.

'Incident'

"At Sky we take the security of your data and information extremely seriously. To help keep your account safe we have reset the password for your Sky account," the email read.

Several Sky customers took to Twitter to ask Sky if the emails were genuine, or part of a phishing scam, with the firm's official Sky Help Team account replying that they were.

‘To help keep customer’s accounts safe we occasionally reset the password for Sky accounts. Customers can reset their password online at Sky.com,’ a Sky spokesperson said, adding that the company has not been breached.

However the account also told some customers that the reset was linked to "part of the incident that happened last week", possibly referencing a recent attack.

 "We have been informed by the provider of Sky.com email that a number of email accounts have been accessed without permission," its official disclosure on the incident read, "as a precautionary measure these accounts have been locked." 

According to Forbes, this apparently concerns a breach of email accounts on an unspecified date, and could even be linked to the Yahoo 2014 data breach, as the American firm provides the sky.com email. 

However Sky's disclosure on the attack was undated, making it hard to know when the incident occured. It does mention that it concerns a "credential stuffing" attack, where hackers bombard a service with user login details (often stolen or bought on the Dark Web) in an attempt to breach user accounts.

Sky says it has already locked the accounts of all affected users, who will need to contact the company to get control back.

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.