PlusNet email accounts raided again.

ISP PlusNet has had its email database stolen and its users' accounts
bombarded by spammers, AGAIN!.

The attack first surfaced yesterday, when PlusNet punters reported that
previously spam-free email addresses were being filled with unsolicited discount
pharmacy marketing. Some forum posters report that a few of their webmail
contacts have received more spam too.

In a statement, BT-owned PlusNet said: “It has come to our attention
that a number of customer email addresses have been obtained illegally by a
third party. We are in the process of contacting all affected customers in
order to inform them of the incident and of any steps they need to take to
ensure that their internet connections and computers are safe.

“We regret that this has happened but are confident that we have
resolved this issue and will monitor the situation closely to ensure that the effect
is minimised and the issue does not reoccur.”

PlusNet has not revealed whether it has been hacked or if the data was
obtained illegally some other way.

The news is a huge blow for PlusNet, which recently
completed migration to a brand new £250,000 NetApp email platform. The last
time accounts suffered from a spam attack was this April, mid-way through
migration, at which time the firm said its new hardware would remedy its email
problems. (source)

 

One unlucky PlusNet user contacted PJC Journal to confirm
that they had received a comfort email from BT/PlusNet to advise that they have
assembled a task force to address the issue that includes a board director.
They are requesting that people do not contact customer services about it, as
they are trying to contact those affected.

It would appear that PlusNet have a very lax email creation
policy, which allows email addresses in the form of anythingyoulike@username.plus.com,
so one can make up lots of throw away addresses, which would only go to hinder
any enquiry to identify who had the lax security! Almost sounds like a spammers
paradise.

There is also speculation amongst users as to whether the legally required data retention areas of the PlusNet system have been hacked, releasing details
of users sent and received emails.

There have been warnings by many security experts that this
would eventually happen and that the keeping all of your eggs in one basket
method is inherently dangerous.

There does need to be a full and detailed report from the
task force, an undertaking to the users of this service that PlusNet will take
responsibility for its lack of security, and a considerable investment made in
tightening up that back end security.

 

For its lack of due diligence in securing customer details,
this organisation may be an ENABLER of ID fraud.

 

Advertisements

About IanPJ

Ian Parker-Joseph, former Leader of the Libertarian Party UK, who currently heads PDPS Internet Hosting and the Personal Deed Poll Services company, has been an IT industry professional for over 20 years, providing Business Consulting, Programme and Project Management, specialising in the recovery of Projects that have failed in a process driven world. Ian’s experience is not limited to the UK, and he has successfully delivered projects in the Middle East, Africa, US, Russia, Poland, France and Germany. Working within different cultures, Ian has occupied high profile roles within multi-nationals such as Nortel and Cable & Wireless. These experiences have given Ian an excellent insight into world events, and the way that they can shape our own national future. His extensive overseas experiences have made him all too aware of how the UK interacts with its near neighbours, its place in the Commonwealth, and how our nation fits into the wider world. He is determined to rebuild many of the friendships and commercial relationships with other nations that have been sadly neglected over the years, and would like to see greater energy and food security in these countries, for the benefit of all. Ian is a vocal advocate of small government, individual freedom, low taxation and a minimum of regulation. Ian believes deeply and passionately in freedom and independence in all areas of life, and is now bringing his professional experiences to bear in the world of politics.
This entry was posted in Enabling ID Fraud. Bookmark the permalink.