Outdated routers ‘pose hacking risk’ to millions of internet users
New research suggests two-thirds of older network devices in use in UK may have security flaws

Millions of internet users in the UK are at risk of being hacked as a result of “outdated” routers, according to a new Which? report.
A study by the consumer group found that more than two-thirds of older router models provided to customers by internet providers including EE, Sky and Virgin Media had security flaws that could enable hackers to access their network.
Of 13 models scrutinised by the researchers, nine “would fail to meet requirements proposed as part of government plans to improve legislation around connected devices”, the Manchester Evening News reports.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Which? estimates that as many as 7.5 million people in the UK could be affected by the flaws, which include weak, easily guessable default passwords and a lack of security updates designed to protect customers from new viruses.
The devices found to be lacking in updates include: Sky SR101 and SR102, Virgin Media Super Hub and Super Hub 2, as well as TalkTalk HG635, HG523a, and HG533.
Other problems revealed in the lab tests include “a network vulnerability with EE’s Brightbox 2, which could give a hacker full control of the device”, reports the BBC.
In response, Virgin said that it did not “recognise or accept the findings of the Which? Research”, and that 90% of its customers were using its latest router models. BT, which owns EE, also said that “the vast majority” of its customers used the latest modem.
TalkTalk said the routers that were analysed represented a “very small proportion” of those in use by its customers, who can “change their passwords easily at any time”.
And Vodafone reports that one of its devices examined by Which? had not been supplied to customers beyond August 2019, adding that updates would continue “as long as the device remains on an active customer subscription”.
All the same, Which? computing editor Kate Bevan argues that new government legislation “can’t come soon enough”.
“Internet service providers should be much clearer about how many customers are using outdated routers and encourage people to update devices that pose security risks,” she said.
Under the proposed laws, easy-to-guess default passwords will be banned on virtually all devices, and manufacturers of smart devices will have to say when devices stop receiving security updates. New rules will also be introduced to make it easier for users to report software bugs that could be exploited by hackers.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Sorcha Bradley is a writer at The Week and a regular on “The Week Unwrapped” podcast. She worked at The Week magazine for a year and a half before taking up her current role with the digital team, where she mostly covers UK current affairs and politics. Before joining The Week, Sorcha worked at slow-news start-up Tortoise Media. She has also written for Sky News, The Sunday Times, the London Evening Standard and Grazia magazine, among other publications. She has a master’s in newspaper journalism from City, University of London, where she specialised in political journalism.
-
6 charming homes in Rhode Island
Feature Featuring an award-winning home on Block Island and a casket-making-company-turned-condo in Providence
-
Team Trump brings the MAGA playbook to Albania's elections
TODAY'S BIG QUESTION The architects of the president's 2024 victory are looking east to extend their populist reach
-
Narco subs are helping fuel a global cocaine surge
The Explainer Drug smugglers are increasingly relying on underwater travel to hide from law enforcement
-
Can the US stop Chinese cyberattacks?
Today's Big Question Chinese hackers reportedly outnumber FBI cyber personnel by a ratio of 50 to 1
-
The Week Unwrapped: Trans sport, fragrant friends and lost data
podcast Can women’s sport be both fair and inclusive? Do we choose friends based on how they smell? And is Big Data putting us at risk of big losses?
-
Pros and cons of porn-site age verification
Pros and Cons Users may need to verify their age with a passport or credit card under new Online Safety Bill
-
‘Donald Trump should be given back his access to social media’
Instant Opinion Your digest of analysis and commentary from the British and international press
-
Instant Opinion: ‘The Russians are... complicated!’
In Depth Your guide to the best columns and commentary on Friday 9 August
-
China accused of sustained campaign of ‘cyber intrusions’
Speed Read Two Chinese nationals have been charged in the US over theft of intellectual property
-
How Britain’s fake news ‘spy’ unit will operate
Speed Read New national security outfit will be tasked with stopping ‘disinformation by state actors’
-
Judd Apatow: The Interview cancellation is 'disgraceful'
Speed Read