Original article ISPreview UK:Read More

Broadband ISP and phone provider Virgin Media (O2) has today been hit with a £23.8 million fine by telecoms regulator Ofcom, which occurred after they were found to have “failed to protect vulnerable telecare customers” during their programme to migrate them from analogue phone services to IP-based digital landlines.

The regulator’s General Condition rules typically require every communications provider to “take all necessary measures to ensure … the fullest possible availability of the Public Electronic Communications Network and Publicly Available Telephone Services provided by them in the event of catastrophic network breakdown or in cases of force majeure; and uninterrupted access to Emergency Organisations” (police, fire, ambulance etc.).

Much of the industry is currently having to deal with the challenge of migrating old analogue based landline phone services to newer Internet Protocol (IP / VoIP) based digital phone services, which is a complicated process and one that does sometimes run into problems.

For example, over the past few years there had been a growing concern that this process was overlooking the needs of vulnerable customers, particularly those with telecare systems (c.1.8 million people) that hadn’t always been adapted to work with the new digital phone methods.

The above was mostly the fault of the telecare providers themselves for being slow to adapt, but internet providers also hold some responsibilities. General Condition C5.2 states that regulated companies “must establish, publish and comply with clear and effective policies and procedures for the fair and appropriate treatment of consumers whose circumstances may make them vulnerable“. 

The good news is that all of the major players with legacy phone services that need migrating, particularly Openreach, BT, and Virgin Media, have since responded to those concerns and adopted a better approach alongside telecare providers (example). But prior to that, there was a period where the flaws in this process had yet to be fully patched, which is what Ofcom’s recent investigation into Virgin Media had focused upon.

In particular, Ofcom’s investigation was concerned with whether Virgin Media had been treating vulnerable consumers correctly and “ensuring uninterrupted access” to emergency services (here). The risks here were tragically underlined by the previously reported deaths of two “vulnerable” Virgin Media Phone customers (here). The provider is said to have first notified Ofcom about a number of serious incidents related to the migration of telecare customers in November and December 2023.

What did Ofcom find?

The regulator said their investigation uncovered “serious systemic failures” in Virgin Media’s migration process between August 2022 and December 2023, which ultimately meant they had failed to comply with their own policies and procedures for the fair and appropriate treatment of vulnerable consumers – and in doing so had broken Ofcom’s consumer protection rules.

Virgin Media’s Key Failings

1. Virgin Media failed properly to identify and record the status of telecare customers, resulting in significant gaps in the screening process. This meant that those affected did not receive the appropriate level of tailored support through the migration process.

2. Virgin Media’s approach to disconnecting telecare customers who did not engage in the migration process, despite being reasonably aware of the risks posed, put thousands of vulnerable customers at a direct risk of harm and prevented their devices from connecting to alarm monitoring centres while the disconnection was in place.

As a result of Virgin Media’s “serious failures“, Ofcom has fined the company £23,800,000, which will be passed on to HM Treasury (the provider has been given four weeks to pay). This figure includes a 30% discount as a result of Virgin Media’s admission of liability and its completion of the regulator’s settlement process.

In setting the penalty amount, Ofcom took into consideration that Virgin Media had self-reported the issue; the vulnerability of the customers affected; the significant duration of the contraventions; the seriousness of the breach; and the “significant degree of potential harm caused“.

Ian Strawhorne, Ofcom’s Director of Enforcement, said:

“It’s unacceptable that vulnerable customers were put at direct risk of harm and left without appropriate support by Virgin Media, during what should have been a safe and straightforward upgrade to their landline services. Today’s fine makes clear to companies that, if they fail to protect their vulnerable customers, they can expect to face similar enforcement action.”

As stated earlier, Virgin Media has since taken significant steps to remedy the issues. Following a pause on migrations in December 2023, the provider updated its policies and procedures and introduced a number of further safeguards.

The remedies Virgin Media has put in place include:

➤ Conducting manual reviews of customer service records to further identify Telecare Customers and incorporating this into operational best practice for the remainder of Virgin Media’s digital phone switchover;

➤ Conducting an assurance campaign, contacting 42,991 identified Telecare Customers to support them in migration;

➤ Developing a new engagement plan for Telecare users, which includes keeping non-engaging Telecare users in a continuous loop of engagement rather than disconnecting them; and

➤ Working with local authorities to establish an “end of process” for Telecare customers who have not engaged by the time Virgin Media decommissions the analogue network.

➤ Signatory to the UK Government’s, Public Switched Telephone Network charter, (18 December 2023), including the PSTN non-voluntary migration checklist (18 November 2024).

Original article ISPreview UK:Read More

Customers connected to UK ISP Youfibre (and possibly other ISPs) on one of the country’s largest alternative full fibre (FTTP) broadband networks, Netomnia (Substantial Group), are currently understood to be experiencing “intermittent connectivity or slower-than-usual performance” due to an ongoing Distributed Denial of Service (DDoS) attack.

DDoS attacks work by attempting to overload target servers or end-user with masses of data requests from multiple internet connected devices (often malware hijacked computers / botnets etc.), which can cause the intended target to crash or suffer performance problems until the bad traffic stops or can be mitigated. On rare occasions, such attacks may also expose other weaknesses to exploit, such as happened with TalkTalk in 2015 (here).

Sadly, it’s not uncommon for UK broadband providers and networks to be hit by DDoS attacks, which happen all the time. But most of those can be mitigated and only very few are usually big enough to actually be noticed by customers. Sometimes such incidents may not even be an attack against the network operator, but rather somebody targeting a specific customer or upstream network provider for the ISP etc.

Most internet providers usually prefer not to speak about such things in public, often putting related incidents down to ambiguous network connectivity faults instead. But some are more open and honest than others. In this case, Youfibre’s CEO, Jeremy Chelot, has confirmed (X) that a DDoS is ongoing: “Please bear with us. We are under attack.”

Youfibre Service Statement

We are currently experiencing an unexpected issue affecting parts of our network, which may result in intermittent connectivity or slower-than-usual performance. Our network engineers are investigating the source of the disruption and are taking immediate steps to mitigate the impact and restore full service.

UPDATE 11:46am

Customers are reporting a return to normal service and the ISP has provided the following update: “We can confirm that the issues have been fully resolved. We appreciate your understanding and patience during this time.”

UPDATE 3:40pm

Clearly the attackers have adapted their methods or started a new assault (not uncommon with DDoS). We’ve seen customer reports of more problems, and YouFibre just issued the following update (X): “We are sorry to report that YouFibre has been subjected to a DDoS attack today (28.11.25). We are working very hard to resolve this. From a high level, a DDoS attack is a malicious attack that creates a flood of internet traffic affecting service performance. Please keep an eye out for updates in your inbox and on our network updates page here on X – @youfibre_status . We hope normal service will return quickly.”

UPDATE 29th Nov 2025 @ 7:30am

Youfibre has yet to issue a further service status update, but the provider does appear to have had some success in mitigating the attack. Separately, ISPreview has noted that Cogent reported a DDoS taking place yesterday afternoon against one of their customers in Equinix’s MA1 Manchester Data Centre, which could have impacted those with Cogent transit in MA1 (e.g. Youfibre).

We have also seen reports of several other – larger – ISPs being hit by a big DDoS yesterday (e.g. BT), although if so they were quick to mitigate it on the first pass (scale helps) and most customers won’t have noticed, while those that did only saw a fairly brief period of disruption.

Original article ISPreview UK:Read More

Mobile network operator Vodafone has revealed that they’ve started a new “Enhanced Power” initiative, which will work to boost resilience and extend power backup time at around 10,000 key mobile sites across Europe and Africa using a mix of AI and other technologies. This is also likely to benefit the UK, although specific country details aren’t yet available.

Mobile operators in the UK currently have a legal obligation to identify, prepare for and reduce the risk of anything that compromises the availability, performance or functionality of their networks. But such networks are highly complex and outages can still occur, with Ofcom previously warning that the consequences of these are “likely to become more severe as society becomes increasingly dependent on them to function.”

However, the issue of improving power backup for Radio Access Networks (RAN) is not an easy one to resolve, with a number of UK mobile operators being known to have balked at the potential costs of deploying national battery backup (here and here); costs that could potentially work their way into higher retail prices for consumers.

Despite this, Vodafone is moving forward with the introduction of a new network resilience programme – the Vodafone Enhanced Power initiative. The programme is designed to boost resilience for emergency and critical online services, public safety, as well as maintain connectivity of vital services for its mobile customers across Europe and Africa, in the event of a major outage.

The “primary objective” of the new initiative is to further enhance resilience at more than 10,000 critical mobile infrastructure sites that support emergency services (police, fire, ambulances etc.) across Europe. It is being rolled out throughout Vodafone’s European markets over the “next two years“, starting with Portugal.

Vodafone’s Enhanced Power Initiative

The initiative is based on both existing temporary backup systems and innovative software-based solutions using artificial intelligence (AI) to predict, control and conserve backup time as long as possible. Power supplies are designed to best handle an outage depending on its severity and size on local, regional, and national levels. All the solutions also aim to reduce current CO2 emission levels.

For smaller localised outages, which typically affects up to 10 mobile sites, Vodafone will continue to use portable solutions known as Cells on Wheels (COW). This will be complemented by Vodafone’s unique Instant Network Emergency Response, providing free Wi-Fi and phone charging stations during disaster relief efforts. Several Vodafone engineers form part of the Instant Network Emergency Response (INER) team. Since 2012, the INER programme has deployed to over 28 disasters worldwide and recently supported in Jamaica after the outbreak of Hurricane Melissa.

To tackle wider regional blackouts, affecting tens or more than a hundred mobile sites, Vodafone will draw on its arsenal of temporary and back up units, as well as deploy Adaptive Power Backup. This is a new AI-controlled intelligent technique to remotely extend the base station battery backup time, potentially doubling it in certain scenarios.

Vodafone has also drawn up a more comprehensive network resilience and power backup plan in the case of a national or cross-border blackout. In addition to reinforcing over 10,000 critical sites across Europe, Vodafone is initially prioritising the following network areas:

• Core mobile sites: Commonly known as the “brain” of a mobile network, it comprises of over 400 mobile data centres and large backbone sites located across EU countries. These facilities are equipped with battery backups and diesel generators, providing a minimum of 72 hours of backup power or guaranteed refuelling support within at least 48 hours.
• Aggregation mobile sites: Ensuring a minimum of four hours of backup power for key locations that serve as network junctions to route customer data efficiently. The four-hour battery specification for aggregation sites is a conservative estimate based on maximum site load.
• Critical Access Sites: Over 10,000 essential radio and backhaul access sites in Europe supporting mobile coverage for emergency services, command and control centres, hospitals, government offices, airports, and other major transport hubs, will be equipped with a minimum of four hours’ backup power. This is the first phase of a wider programme to equip many more sites with the latest generation of battery technology.

Vodafone is also looking to space to build resilience by connecting everyday smartphones and other cellular devices of emergency responders via satellite, even in the most dangerous and challenging environments.

The reason for kicking this off in Portugal has to do with the fact that the country suffered a significant power blackout back in April 2025, which hit essential services such as telecommunications, transportation, and banking and even extended to certain regions of Spain and France. At the peak of the power outage, about 60% of mobile users in Portugal lost connectivity or struggled to connect.

Vodafone has also launched an AI-driven Adaptive Power Backup service in Greece, and is trialling it in Turkey, before deploying to additional markets during 2026. The system uses AI to predict outages and optimise power consumption, which enables nearly twice the backup duration and ensures emergency services remain connected three times longer than the industry standard. It works by remotely and autonomously shutting down non-essential equipment or putting it into a low-energy state (cell sleep mode) whilst leaving open crucial channels for emergency services, voice calls and text messages.

The mobile operator noted how just mandating 4-hour backup at every telecom site belonging to all operators in the UK would require a one-time investment of between £2.2–4.4 billion (€2.6–5.2 billion), according to a study by the regulator Ofcom, with similar proportional costs predicted across Europe. Hence the focus on AI and alternative approaches, such as utilising idle capacity and generating revenue through energy trading via Virtual Power Plant (VPP) services.

Original article ISPreview UK:Read More

The One Touch Switching Company, which is the industry-led company responsible for helping to deliver Ofcom’s solution for easier and quicker UK switching between home broadband and phone providers on different networks (One Touch Switching), has provided an update on their progress toward refining the OTS solution as it passes 2 million successful switches since launch.

The OTS system, which went live on 12th September 2024, remains a Gaining Provider Led (GPL) process, where the customer contacts their new (“gaining“) ISP to start and manage the process on their behalf. But despite a bit of a bumpy start and some ongoing issues, which we won’t recap today, this has now been widely adopted by the vast majority of ISPs; TOTSCo is now also working to make a similar switching system available to businesses in “early 2026” (here).

The latest update reveals that TOTSCo’s related messaging hub has now processed 2 million switches since its launch, running at a rate of roughly 1.8 million over every 12-months. Hub match rates (switch match success rates) are also trending upwards in the long term, with overall rates up around 10% since go-live, and a record daily figure of 69.7% last week (this is the observed rate – the customer experience will be better as some retries will be successful).

At the same time, the best observed match rate between two larger users (unamed major broadband ISPs) stands at 83%, which TOTSCo said shows “what can be achieved … these figures are an indication of how the ecosystem is maturing as more providers refine their processes and data“. Take note that Black Friday should be having an impact on the most recent stats via an uptick in switching.

Original article ISPreview UK:Read More

Network access provider Openreach (BT) has provided an important update on the planned (pilot) closure of their next two legacy exchanges in Ballyclare (9,500 premises in N.Ireland) and Kenton Road (9,500 premises in London), which were originally due to be switched off on 30th November 2025 but will now remain open a bit longer to help the remaining users migrate.

Just to recap. The operator is currently in the early pilot stage of closing around 4,600 of their 5,600 UK exchanges. This is occurring because only c.1,000 of these are needed to provide nationwide coverage of modern “fibre broadband” services (FTTC / SOGEA, FTTP etc.) – the Openreach Handover Points (OHPs or “Super Digital Exchanges“). The rollout of full fibre (FTTP) technology, combined with the retirement of copper lines and legacy services (ADSL, WLR, PSTN etc.), will soon make it economically unviable to support both the old and new exchanges.

The operator has thus long since developed a gradual plan for closing the thousands of older exchanges – known as the Exchange Exit Programme, which starts with an initial pilot of 3 exchanges and then extends to a closure of 105 “priority exchanges” by 2030 (i.e. taking place in four phases), with the rest then following through the early 2030s. The tentative dates for these have already been announced (here).

Closing an exchange and migrating affected customers remains a highly complex process, which typically takes around 4-7 years (depending upon the complexity of each exchange) – starting with a Stop Sell of old products and eventually ending with everything being switched off. Only after that do Openreach and ISPs remove their physical kit, which can take a few short months.

What’s happened so far?

Earlier this week we reported that the first of three pilot exchange closures for this programme, Deddington (serving c.1,800 copper lines), had finally shut its doors a little ahead of schedule (here) – new digital lines are now being served and managed by the nearby Banbury Exchange (OHP). None of this is surprising, as Deddington was also one of the first UK areas to go fully FTTP.

By comparison, the next two pilot exchanges – Ballyclare and Kenton Road – are much larger and more challenging to address, and that’s intentional. Openreach needs to confront the hardest areas now and establish the best approaches for dealing with them, which will then inform their solutions when it comes to retiring thousands more in the future. Both exchanges were originally due to shut their doors on 30th November.

However, much as we reported last weekend (here), both of these exchanges currently still have some active consumer broadband and phone lines (i.e. they’ve not been migrated yet) – not many, but we were told is was “enough to hinder the closure”. Some other lines are also in the process of being migrated, but won’t all be shifted by the closure date. The operator has thus been busy working closely with ISPs, Ofcom, the Government (DSIT) and the Office of the Telecoms Adjudicator (OTA) to find solutions.

Openreach has also been working with retail providers in an effort to try and identify what kind of users theses are (they’re currently investigating that alongside retails providers), since nobody wants to disconnect customers, particularly if some of them may turn out to be classified as “vulnerable“, or part of any other high risk or critical infrastructure (CNI) group.

What’s the latest update?

According to the latest private briefing on all this, which was posted on Wednesday, Openreach are still busy trying to identify whether any of those who haven’t yet been shifted off the exchange are “vulnerable” users. The operator is currently still reviewing their position over whether or when to cease consumer customers and are, in the meantime, continuing to work with everyone involved to exit the pilot exchanges safely.

“Whilst we continue to work this through, we’ve now confirmed with industry that where CPs [Communication Providers] have failed to migrate consumer customers’ assets prior to the deadline, Openreach will NOT cease on 1st December 2025, but services will remain subject to original termination notices – we will keep CPs informed of any future plans to cease these lines,” said a spokesperson to ISPreview.

In short, the exchanges will not now be closing this weekend as originally planned and Openreach are allowing more time to find solutions for the remaining lines, although they’ve yet to agree a new timetable for closure with providers. In the meantime, they’ve advised affected broadband and phone providers to continue trying to migrate their consumer customers to digital alternatives, including full fibre (FTTP) and SOGEA (FTTC).

As we pointed out in the prior update, business lines aren’t so lucky, with Openreach making clear that disconnection will be the outcome: “If a CP fails to cease and/or migrate the services by the end of 30 November 2025, any live business assets which do not have an inflight order or have not been agreed as critical life impacting services, will be ceased by Openreach from the 1 December 2025“.

Hopefully we’ll learn what the revised switch-off dates will be in the near future.

Original article ISPreview UK:Read More

The Court of Appeal in London has dismissed an attempt by investment firm LetterOne (L1), which had been seeking compensation after the previous Government used the new National Security and Investment Act 2021 (NSIA) to force them into selling Upp’s full fibre broadband network to rival operator nexfibre at a loss (retail customers went to Virgin Media).

Upp was originally established as a £1bn project that aimed to deploy a new Fibre-to-the-Premises (FTTP) based broadband network and retail ISP across 1 million premises in the East of England (here). But their efforts were dealt a significant blow in December 2022, after the UK Government ordered LetterOne – an investment firm that previously received significant backing from several prominent and now sanctioned Russians (Mikhail Fridman and Petr Aven) – to sell its entire stake in Upp in order to “prevent, remedy, or mitigate the risk to national security” (here).

At the time, LetterOne said they “believe that L1 ownership of Upp is not a threat to national security in any way” and pointed out that “L1 is not sanctioned and has taken fast, decisive action to put in place strong measures to distance L1 from its sanctioned shareholders. They have no role in L1, no access to premises, infrastructure, people and funds or benefits of any description.” The investment company froze the shareholdings of those individuals (who jointly owned less than 50% of the company) and its oligarch founders resigned from the group’s board.

However, despite LetterOne launching a legal challenge against the government’s decision (here), the investor claimed they ended up selling Upp at a loss (i.e. “less than the £143.7m that (LetterOne) had by then invested“) to rival operator nexfibre in September 2023 (here). At that point, Upp’s network had only covered 175,000 premises, although it’s worth considering that assessing market value for altnets is a tricky thing these days, with some banks and investors predicting they may take a loss (here).

The High Court in London last year dismissed LetterOne’s appeal against the forced sale (here). But the investment company then lodged a new appeal based around the question of whether Article 1 of Protocol 1 (A1P1) to the European Convention on Human Rights (ECHR) would require compensation to be paid following a forced sale made pursuant to a final order under the NSIA. Yesterday the Court of Appeal dismissed that challenge.

Summary of Judgement

It is also important to keep in mind that what is in issue is the risk posed to national security by the Ultimate Beneficial Owners of a company, which may be at several steps removed from the entity concerned. In the present case those UBOs were individuals who had been the subject of Russian sanctions, including in the UK. There is no question, as Mr Hickman urged upon the Court, of impugning the character of the Appellants as such but it is important to keep in mind that the ultimate risk to the security of this country comes from the UBOs.

In this context Sir James Eadie emphasised before this Court what had been said by the Judge at para 206, in a part of her judgment which is not under appeal to this Court:

“Nor am I persuaded that a remedy founded on changes to corporate structure and other restrictions to which the Claimants showed willingness to submit would have the benign effects for which the Claimants contend. On the contrary, I accept Mr Phillips’ and Ms Wolfe’s submissions that the Claimants consistently accepted or implied that the Group and its UBOs had – and should retain – influence and control over Upp. In the first set of representations, the First Claimant accepted that the Group had some control over Upp, albeit denying that the Group exerted a high level of control.

The first set of representations demonstrated that Mr Kosogov had not been placed under the same measures of structural and legal separation from the Group as the sanctioned UBOs (Mr Fridman and Mr Aven). In the meeting with the ISU on 22 November 2022, the Group indicated that it did not accept the ISU’s proposal that investor consent (in practical terms, their own consent) should no longer be required for all high value contracts, describing the elimination of investor consent as ‘extremely difficult.’ Dr Easton made clear that the Group wanted to retain the ability to influence the Upp Board through the Investor Directors.”

Mr Hickman emphasised before us that there is no suggestion that the Appellant companies have done anything wrong or that they themselves pose a risk to national security. He is entitled to emphasise that the law recognises a distinction between the corporate entities and the ultimate beneficial owners. Nevertheless, in this context it is clearly the risk posed to national security from those ultimate beneficial owners which has prompted the Respondent to make the order. In this context, particularly having regard to the importance of national security, courts must be alive to the realities of the situation irrespective of the legal position that a corporate entity is distinct from its shareholders or others.

Furthermore, the presence in the statutory scheme of section 30 of the NSIA is important to the overall assessment of proportionality. That is a provision which would allow mitigation measures to be taken, for example by way of financial assistance (if hardship was shown or something of that sort).

One also needs to keep in mind that the process for assessing the “fair market value” of a company, as distinct from what it can actually be sold for albeit in circumstances of a forced sale, is likely to be a complicated and lengthy process. This is evident from the disposal plan which we were shown in the present case. This would have the potential to impede the process by which the Respondent is able to achieve the important public interest purposes which lie behind the scheme of the NSIA.

Finally, it is important to note that there is no Strasbourg authority directly on point. Sir James Eadie submits that none “comes close” to requiring that a State must compensate against any diminution in value flowing from a forced sale, or for past investment and/or possible future profits. This is important, because it is well-established that the courts of this country should follow the clear and constant jurisprudence of the European Court of Human Rights, neither more nor less. As Lord Reed PSC explained in R (Elan-Cane) v Secretary of State for the Home Department [2021] UKSC 56; [2023] AC 559, at para 63, although it is open to domestic courts to develop the law in relation to Convention rights beyond the limits of Strasbourg case law, on the basis of the principles established in that law, they should not go further than they can be confident that the European Court would do.

For the reasons I have given, I would dismiss this appeal.

This was somewhat of a test case, the first case in relation to the NSIA to come before the Court of Appeal, and thus the decision against LetterOne is likely to set a precedent for other potentially similar challenges in the future. Several challenges based on procedural unfairness and irrelevant considerations were also dismissed.

Original article Total Telecom:Read More

News

Vodafone says the Bundeskartellamt (Federal Cartel Office) has not followed key procedural rules in its investigation and has acted with bias

Vodafone has formally challenged the Bundeskartellamt over its investigation into the operator’s alleged anti-competitive behaviour towards rival 1&1. The conflict centres on Vodafone’s supposed obstruction of 1&1’s efforts to build its own 5G network, a move crucial for establishing the company as the country’s fourth major mobile network operator.

1&1 Drillisch won 5G mobile spectrum at auction back in 2019 with the intention of building out its own network and becoming Germany’s fourth national operator. By 2021, 1&1 had signed a deal with Vantage Towers (in which Vodafone holds a 50% stake) to access up to 5,000 of the towerco’s existing mobile sites, allowing them to more rapidly deploy their burgeoning 5G network.

The contract specified that 3,800 sites were to be made available by 2025.

By the end of 2022, however, it was becoming clear that access to this may sites by 2025 would be unlikely, with 1&1 saying it had been granted access to just five sites. In 2023, 1&1 formally complained to the Bundeskartellamt , who subsequently launched an investigation into the source of Vantage’s delays in providing the agreed upon infrastructure.

Now, Vodafone is claiming that the Bundeskartellamt is conducting proceedings in a biased and procedurally improper manner, exceeding its authority. Vodafone has sought interim legal relief at the Oberlandesgericht Düsseldorf, arguing that the accusations lack substantive merit and that 1&1 has unduly influenced the investigation.

“I’ve never encountered anything like this in my more than 25 years of professional experience,” said Vodafone’s lawyer, Walther Graf, who provided a 65-page letter to the Bundeskartellamt with the allegations.

The Bundeskar­tellamt, however, insists that it is conducting its investigations impartially. It noted that its president, Andreas Mundt, maintains regular contacts with all relevant industry leaders, including both 1&1’s CEO Ralph Dommermuth and Vodafone’s executives. The authority dismisses Vodafone’s claims of partiality and unusual procedural conduct as unfounded.

1&1 has also denied any improper coordination with the Bundeskartellamt.

Keep up to date with all the latest telecoms news with the Total Telecom newsletter

Also in the news
Connected Britain Award winners 2025 announced!
Netomnia announces ‘powerful and ambitious’ rebrand ahead of Connected Britain
VodafoneThree drops Samsung, relies on Nokia and Ericsson for £2bn network upgrade

Original article ISPreview UK:Read More

Good news. SpaceX’s Starlink internet service, which reflects a mega constellation of ultrafast broadband satellites in Low Earth Orbit (LEO), has quietly launched a new “Residential Lite” package for consumers in the UK that drops the price of their unlimited usage plan to just £55 per month and offers speeds capped at up to 250Mbps.

Starlink currently has around 9,100 satellites in orbit (c.5,600 are v2 / V2 Mini) – mostly at altitudes of c.500-600km. Residential customers in the UK usually pay from £75 a month, plus £299 for hardware (currently free for many areas) on the ‘Standard Residential’ unlimited data plan (kit price may vary due to different offers) directly from Starlink, which promises UK latency times of 26-33ms, downloads of up to 400Mbps and uploads of c.15-35Mbps. Cheaper, albeit more restrictive (data capped), options also exist for roaming users (e.g. £50 per month for 50 GigaBytes of data).

However, we recently reported that Starlink seemed to be experimenting with a more affordable package in the USA (here), which we indicated could soon be coming to the UK; albeit probably not in an identical form to the USA as Starlink tends to structure their packages differently between countries (due to differences in ground stations, capacity / spectrum allocations, coverage etc.).

The good news today is that Starlink appears to have just refreshed their main unlimited residential packages and launched a more affordable option. This suddenly makes the service much more attractive to the mass market, although they do state that it’s currently only available in “select areas” (we’ve yet to find a UK location where it isn’t available).

New Starlink Plans for Unlimited Data

Residential Lite – 250Mbps
(Average peak hour download speeds of 175 Mbps)

£55 per month
£0 hardware
£19 shipping

Typical Speeds for this Package:
Download: 80-200 Mbps
Upload: 15-35 Mbps

Residential – 400Mbps+
(Average peak hour download speeds of 250 Mbps)

£75 per month
£0 hardware
£19 shipping

Typical Speeds for this Package:
Download: 135-305 Mbps
Upload: 20-40 Mbps

*Typical speeds are calculated globally and represent the 20th to 80th percentile of real user data. Speeds may vary based on your location.

The move doesn’t just reflect the ongoing enhancement of Starlink’s network, but it could also potentially be seen as an early shot toward staving off future competition from Amazon’s Leo service, which is due to launch a consumer package sometime later in 2026. But unlike Amazon, SpaceX can leverage the advantages of a more mature network via competitive pricing. Credits to Stewart on our forum for spotting the change (here).

Original article ISPreview UK:Read More

Alternative broadband ISP Brsk, which last year merged with Netomnia’s growing multi-gigabit speed Fibre-to-the-Premises (FTTP) network (here), has reportedly been hit by a major data breach that is claimed to have resulted in 230,105 customer records being exposed to hackers. The database has since been put up for sale.

The breach appears to have been first spotted by the DailyDarkWeb, which is a community of volunteers dedicated to monitoring the unseen layers of the digital world and one that has often been credited with spotting a number of past leaks related to UK companies and telecoms providers. Sadly, the same today appears to be true for Brsk.

“A threat actor is advertising the alleged customer database of BRSK (brsk.co.uk), a UK-based telecommunications company specializing in full fibre broadband. The actor is offering the dataset, which contains 230,105 records, on a hacking forum, with a sample provided and a price set for negotiation via direct message,” said the website.

The breach is said to contain various personal customer details, including names, email addresses, physical address, phone numbers, installation/booking details, brsk ID numbers, location data and also data that identifies whether the customer is considered to be a vulnerable user (e.g. customers with telecare needs etc.). The latter is particularly worrying, as such users are often a prime target for phishing and scams.

However, so far as we can tell, the database does not appear to contain any financial details, logins or passwords, although that may come as small comfort to the internet provider’s many customers exposed by this leak.

A spokesperson for Brsk told ISPreview:

“Brsk is investigating an incident involving unauthorised access to one of our customer database systems. We have established that the information involved is limited to basic customer contact information. No financial information, passwords, or account login credentials were affected. At this stage, there is no evidence to suggest that any of the information has been misused.

We understand that incidents of this nature can cause concern, and we are treating this matter with the highest level of seriousness. We have informed affected customers and as an additional precaution, we are offering them 12 months of free personal, financial and web-monitoring services provided by Experian. We have also engaged specialist security partners to assist with our investigation. The ICO, the police and relevant regulatory authorities have all been informed.”

Unfortunately, a number of internet providers have, over the past few years, suffered from a variety of similar data breaches. One of the biggest occurred at TalkTalk in October 2015 that resulted in the release of details belonging to 156,959 customers, which after a long investigation resulted in the Information Commissioner’s Office (ICO) hitting the provider with a £400,000 fine in 2016 (here).

Suffice to say that Brsk could be facing a significant fine in the future, and that’s before we consider the reputational damage that such things tend to cause. However, it could potentially be a long time before the ICO reach that stage, not least because the regulator is currently backlogged with cases. For example, the ICO are still understood to be investigating Lyca Mobile UK’s 2023 Data Breach, which took place over two years ago (here)!

The following is a copy of the email that customers have received in connection with this event.

Brsk’s Data Breach Email to Customers

We sincerely regret to inform you that some of your data stored on one of our systems, which is used to process new installations on the Brsk broadband network, has been accessed without our permission. There’s no evidence that any of the information has been misused, however we ask you to be vigilant for any unexpected emails or phone calls that may appear to come from Brsk.

What information is involved?

The information is limited to the contact details you provided when you placed your Brsk broadband order. This includes: name, surname, email address, contact number and physical address.

We would like to assure you that no financial information (such as bank or debit/credit card information) is stored on this system and therefore none was compromised.

None of your Brsk passwords or login credentials were affected.

What happened?

A third party gained unauthorised access to the system containing certain customer contact information. This system is entirely separate from our core network and operational infrastructure, all of which remain fully secure.

What we have done

Upon discovery, we immediately activated our security protocols, locked down the system affected and launched an investigation. Additional security measures have been implemented, and the customer data has been removed from the affected environment. We have also notified the relevant authorities in line with our legal and regulatory obligations.

What this means for you?

We are sharing this update to keep you informed. If anything appears unusual or you receive unsolicited requests for your personal details from Brsk, please take care and contact us directly if you’re unsure.

We will never reach out to ask for your financial information, passwords, or account login details by phone, email or text. If we ever require you to confirm this, we will only ask you to do so through our secure online customer portal.

Are your broadband services or core network impacted?

No. The affected system is separate from our core network and operational infrastructure, which continue to operate securely.

How are we resolving this?

To support you with monitoring your personal information for certain signs of potential identity theft, we are offering you 12 months of free personal, financial and credit monitoring services, provided by Experian, one of the UK’s leading Credit Reference Agencies.

Original article ISPreview UK:Read More

Broadband ISP and mobile operator Vodafone UK will today take the wrappings off their annual Black Friday sale, which introduces additional discounts on the monthly prices of their various fixed line home broadband packages and SIM-Only mobile plans, among other things.

In terms of their fixed broadband plans, which are available across Openreach, CommunityFibre (mostly London) and CityFibre’s national networks, most of the discounts that have been introduced today represent further reductions of c.£0.5 to £1 off existing monthly prices (e.g. the 910Mbps CityFibre package drops from £25 to £24 per month).

However, the biggest reduction is on their 1.8Gbps CityFibre package, which drops from £60 to £48 per month. But it’s worth remembering that Vodafone’s annual mid-contract price increases will raise these rates by +£3.50 extra each April. Otherwise, the cheaper broadband prices will be available to take until 9am on 2nd December 2025.

On the Vodafone Mobile Black Friday deals (affiliate link), the operator has reduced the price of their SIM-Only 4G and 5G unlimited data plans quite a bit. The Unlimited Plus with Global Roam (100Mbps speed) plan is now £22 per month (down from £31), while Unlimited Max with Euro Roam is £27 (down from £43) and Unlimited Max with Global Roam is £30 (down from £46).

The mobile plans are all subject to an annual mid-contract price increase of +£2.50 each April.