User comments on ISPs
  >> Other Providers (without dedicated forums)


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | (show all)   Print Thread
Standard User My_brain_hurts
(regular) Tue 01-Dec-15 17:52:38
Print Post

Timico - possible database hack?


[link to this post]
 
I have just received three malicious emails with attachments on an email address SPECIFIC TO and ONLY used for Timico. Absolutely nobody else has ever been given the particular email address. I use different addresses for everybody so that I can track and tackle fraud and stop spam and it has been successful for some years until now.

This means either Timico are selling on user details, which I doubt OR even worse that their user database has been hacked. I should not have to spell out exactly what that could mean and the danger, if that is the case, it could put all Timico users in, particularly bank account details, home addresses, telephone numbers etc.

This could only be me but if you think it's happened to you please contact Timico support immediately and post to this forum to alert others.
Standard User bobble_bob
(knowledge is power) Tue 01-Dec-15 21:34:22
Print Post

Re: Timico - possible database hack?


[re: My_brain_hurts] [link to this post]
 
Did the email mention you personally? Could just be some random spam getting send out to randomly generated email addresses and they got lucky
Standard User ggremlin
(experienced) Tue 01-Dec-15 21:47:32
Print Post

Re: Timico - possible database hack?


[re: My_brain_hurts] [link to this post]
 
In reply to a post by My_brain_hurts:
This means either Timico are selling on user details, which I doubt OR even worse that their user database has been hacked.
or your own email system has leaked the address.


Register (or login) on our website and you will not see this ad.

Standard User Andrue
(eat-sleep-adslguide) Tue 01-Dec-15 22:22:27
Print Post

Re: Timico - possible database hack?


[re: ggremlin] [link to this post]
 
In reply to a post by ggremlin:
In reply to a post by My_brain_hurts:
This means either Timico are selling on user details, which I doubt OR even worse that their user database has been hacked.
or your own email system has leaked the address.
That is highly unlikely.

I use the same strategy and mine is implemented using wildcards. My server doesn't have any knowledge of incoming addresses. Something that scanned my mailbox could get those addresses but only if it chose to look in the 'to:' field which would be a strange thing for it to do since it already had access to my mailbox. It could also get those addresses by scanning the server log files but that's yet another magnitude of unlikely.

In any case knowing how spam works if something has harvested the OP's incoming addresses they should be seeing a lot more spam. No-one sells just one address. Everything gathered from the OP's server should now be being targeted.

---
Andrue Cope
Brackley, UK

Edited by Andrue (Tue 01-Dec-15 22:24:25)

Standard User Andrue
(eat-sleep-adslguide) Tue 01-Dec-15 22:32:34
Print Post

Re: Timico - possible database hack?


[re: bobble_bob] [link to this post]
 
In reply to a post by bobble_bob:
Did the email mention you personally? Could just be some random spam getting send out to randomly generated email addresses and they got lucky
Well that depends how the OP generates addresses but it seems unlikely. Most people doing this use a wildcard system. Typically an address will consist of a known value and the bit that varies eg;

<contact name>.mymailbox@...

In order to get random spam the name generator has to have finally hit on something that ends with '.mymailbox'. Once they do that anything will go through eg 'a.mymailbox@', 'b,mymailbox@' etc. It'd be a pretty bizarre name generator that happened to try 'timico.mymailbox@' on it's first attempt.

The alternative strategy is to use the standard '+' notation supported by most servers eg;

mymailbox+timico@...

And again you have to ask what kind of random generator only picked 'mymailbox+timico' when 'mymailbox+aaaaa' is just as valid.

---
Andrue Cope
Brackley, UK

Edited by Andrue (Tue 01-Dec-15 22:35:39)

Standard User bobble_bob
(knowledge is power) Tue 01-Dec-15 22:35:39
Print Post

Re: Timico - possible database hack?


[re: Andrue] [link to this post]
 
I believe the OP was with Coms before Timico bought them out. Perhaps they had his email address aswell?
Standard User Andrue
(eat-sleep-adslguide) Tue 01-Dec-15 22:43:22
Print Post

Re: Timico - possible database hack?


[re: bobble_bob] [link to this post]
 
In reply to a post by bobble_bob:
I believe the OP was with Coms before Timico bought them out. Perhaps they had his email address aswell?
Oh aye that's possible. All I'm saying is that this naming system makes it almost certain that blame for this can be laid on a third party.

As for how..there are several ways. Could just be careless use of CC or perhaps one of their suppliers needs the emails of users for some reason. One way or the other it still lays blame on Timico. It just might not be as serious as a data breach.

---
Andrue Cope
Brackley, UK

Edited by Andrue (Tue 01-Dec-15 22:44:10)

Standard User bobble_bob
(knowledge is power) Tue 01-Dec-15 22:48:54
Print Post

Re: Timico - possible database hack?


[re: Andrue] [link to this post]
 
Its surprising how people can get your email and phone number. Im very careful about who has my details and always tick the "dont sell to 3rd parties box", yet ive had phone calls from PPI companies who know my full name. So someone sells them the data either illegally or by not making it easy for you to opt out of them selling your details
Standard User RobertoS
(elder) Tue 01-Dec-15 23:32:01
Print Post

Re: Timico - possible database hack?


[re: bobble_bob] [link to this post]
 
Your full name and address is on the electoral register.

The indispensable man or woman passes from the scene, and what happens next is more or less the same thing as was happening before.
My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - AAISP Home::1 80/20. Sync 59997/15142kbps @ 600m. - BQM

Edited by RobertoS (Tue 01-Dec-15 23:32:21)

Standard User bobble_bob
(knowledge is power) Tue 01-Dec-15 23:40:55
Print Post

Re: Timico - possible database hack?


[re: RobertoS] [link to this post]
 
My mobile number isnt though and thats what they rang me on
Pages in this thread: 1 | 2 | (show all)   Print Thread

Jump to