Security problems at Eircom, Ireland’s main telecoms company, have put a quarter of a million wireless broadband customers at risk of having their internet connections hijacked, even if they’re using WEP encryption.

Eircom will be contacting 250,000 of its residential and business customers following concerns with regard to a security flaw with the Netopia routers 3300 and 2247. The flaw means that anyone within a 100 foot radius of the wireless connection can, essentially, piggy-back off their broadband.

However, someone mooching off of your broadband should be the least of your worries if one of the neighbours hacks into your connection. Anything that person does on the internet is being done through your internet connection. So, be it legal or illegal, whatever they’re up, traces back to the name on the Eircom bill.

The Wired Equivalent Privacy (WEP) key on these routers is generated from the serial number of the router as well as some text which is converted to numerical values. In other words, it’s not random, and it’s very easy to crack.

All this wouldn’t be a problem if the unique number that is broadcast as the name of the network wasn’t also derived from the serial number. This means anyone who can see the name of an affected wireless network can gain access to it. There are websites and downloadable tools available which will generate the key when the network name is entered.

Users who have changed the default settings on their router need not worry as they won’t be affected and, while Eircom are including instructions on how to change the WEP with all their new modems existing Eircom customers should visit the website for further details