Which? Report Says Old Routers From Reputable UK Internet Providers Put Millions at Security Risk

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

An investigation by the UK consumer watchdog Which? found that millions of households have outdated router models with various security flaws. Surprisingly, most of the vulnerable devices were provided by reputable UK internet providers such as EE, Sky, TalkTalk, Virgin Media, and Vodafone.

The research covered security threats such as weak default passwords, lack of firmware updates, and local network vulnerabilities. The investigation revealed that the affected internet users faced serious router security risks, including hacking, spying, or redirection to malicious websites.

The report coincided with the proposed new government laws to tackle the security of connected devices.

Report says users unaware of security risks

The Which? report found that most UK internet users were unaware of the router security risks posed by the outdated equipment provided by their internet providers.

About 7.5 million people were affected and six million homes had not updated their routers since 2016, while most had not received an update since 2018. Another 2.4 million households or 7 out of 13 routers had not been upgraded for the past five years.

Which? computing editor Kate Bevan noted that the reliance on outdated routers was concerning given the increasing dependence on the internet during the pandemic.

Which? advised users to discuss with their internet providers about upgrading their outdated routers. The consumer watchdog also urged internet providers to be transparent about their plan to support lasting routers with firmware and security updates.

“Internet service providers should be much clearer about how many customers are using outdated routers and encourage people to upgrade devices that pose security risks,” Bevan said.

Security risks posed by outdated equipment include spying, hacking, and redirecting internet users to malicious websites.

Similarly, some older router models also have weak default passwords that are easy to crack by cybercriminals. They also lacked firmware updates, thus exposing them to various security risks, according to the Which? report.

The consumer watchdog found that two-thirds of 13 router models supplied…