Thousands of Demon passwords exposed by error

trident

Demon Internet has suffered an embarrassing data protection failure, after an email sent to customers attached a spreadsheet with the personal details of more than 3,600 customers.

Demon, which serves both homes and businesses, confirmed that the customer information of a number of customers signed up to Demon's new paperless billing platform had been circulated, in error, as an email attachment.

Sister site PC Pro said it contained the full name of the customers, email addresses, telephone numbers and the names of the customers' businesses, with police forces and NHS trusts among the email addresses listed.

In a statement from Demon Internet's parent company Thus, the incident was blamed on "human error", but it was made clear that the spreadsheet did not contain any financial or payment information.

"On discovery, Demon took immediate steps to secure the information and security of customers affected, by changing all affected customer usernames and passwords," the statement read.

"We can confirm categorically that no customer accounts were accessed inappropriately during this time," it added.

The company apologised and said it would review all processes and procedures to ensure that the incident wouldn't be repeated.