Image of cliffs and water with eir rebranded logo in front

eir modem hack - what you need to know

Some of eir's modems have a 'vulnerability' that impacts on their security.

This week, eir has contacted 130,000 of its customers who may be at risk of hacking because of a weakness in their modems.

eir first found out about a ‘vulnerability’ from the supplier of some its modems on 22 November, and took immediate steps to protect the modems by remotely resetting them.

However, the company became aware last week - while further investigating this issue - that around 2,000 customers’ modems have been breached. However, there is no indication that any customer data has been compromised.

How do I know if I am affected?

If you have one of the affected modems, you will be contacted by eir.

As a precaution, eir is now recommending that all customers check which modem they have by looking on the underside of the modem.

The affected modems are the D1000 or P-660HN-T1A models. If you have either of these modems, eir is advising you to manually reset it by following these steps:

  • Turn off the modem, remove the network cable that is connected to the grey-coloured DSL slot at the back of the modem, then turn the modem back on.
  • Push a ballpoint pen or paper clip into the reset hole on the modem - this is located on the right-hand side of the D1000 model, and on the back of the P-660HN-T1A model - and hold for 10 seconds.
  • Remove the ballpoint pen or paperclip from the reset hole, and wait a few minutes until the lights on the modem are showing solid and no longer blinking.
  • Re-insert the network cable to the DSL slot at the back of the modem.

After reinserting the cable, the DSL light on the front of the modem will begin to blink and, once it is solid, the internet light to the right of it will turn red for about 20 seconds. Once the internet light is solid green, your modem is reset.

Change your passwords

Once you have reset your modem, eir has advised that you need to change both your modem administration password as well as your WiFi password.

These passwords should be strong and the two passwords should be different from each other.

Other measures taken by eir

In addition to resetting and securing the modems in question, eir says it has taken a number of other steps to “protect customers potentially impacted by this vulnerability”, including:

  • applying a security filter onto the network; and
  • upgrading the modem software.

eir has also reported the matter to the Office of the Data Protection Commissioner, An Garda Siochána and ComReg.

If you have any questions or concerns, you can contact eir through their website, or call their customer care line on 1901.