Definitely.
I'd agree that some problems are only known after they have been exposed, but who exposes those and how people react are key. Work can (and is) put into hardening security by those who take it seriously. This ranges from the monitoring described right through to more proactive attempts to break a system. It's better for a friend to find a flaw than a foe. I wonder if PlusNet have ever had an impartial external assessment of their policies?

Hi Paddy,
I don't think this is an inside job due to the nature of the announcement...

"It has come to our attention that a number of customer email addresses have been obtained illegally by a third party."

To me a third party is someone other than
1st Party - Plusnet
2nd Party - customer(s)

The 3rd Party is yet to be confirmed.

3rd party could also be an ex-employee - which I'd pretty much class as an "Inside Job" ...

Given that it looks like it was Webmail that was compromised and that the platform runs publically-available software I'm guessing it was "just-another-hacker" who's been trying random atmail installs he could find and just "stumbled" across Plusnet ...

In reply to:

---

I don't think this is an inside job due to the nature of the announcement...

"It has come to our attention that a number of customer email addresses have been obtained illegally by a third party."

---

I think we can assume that in this case the third party being referred to is the spammer/s, therefore it could still possibly have involved an "insider".

Rob

Copy of email to be sent http://usergroup.plus.net/forum/index.php/topic,4761.msg62039.html#msg62039

Much ado about taking security seriously, but nothing to back it up, empty words with are contradicted by the last couple of days.

I shall wait and see the actual email that I receive by this does seem to be very poor and lacking in real information/help. For example:

1. The Trojan they refer to in the email seems to exploit a hole that was fixed in September last year and so anyone applying a Windows Update since then shouldn't be affected. A specific date would help people who don't update frequently.
2. Some advice on how to combat the spam would also be useful.

In reply to:

---

If I could just ask that you don't read too much into the removal of Wireless and a couple of other things for the minute - Overnight we conducted some pretty serious screw tightening across the board, but what we are aware of relates solely to the Webmail platform.

---

/me *sighs* not the first time this has happined has it ian? looks like your "screw tightening" the last time wasnt that tight after all!

its not the first time they have had to do some 'screw tightening' overnight - had a similar situation back in 2004.

its about time plusnet sack whoever is responsible for the serious (lack of) security within their network.

One would assume PlusNet are currently totally blocking all e-mail from the known sources of this outbreak or all that match the patterns of the outbreak. This is why they were able to say the problem has been 'resolved'. The problem is sadly not that easy to solve though.

If that is the case then it is not a fix for me because I am now tied to PN for my email unless I want to receive lots of spam as a result of their security lapse. Not good.