Dave,

And a further thing having just read the service status announcement it would appear that my account may have been compromised so I also now have to watch my bank for possible fraud.

Mark

Excellent - well spotted rsharma. It appears that the latest service status post from Phil is more like what I was expecting.

From what PlusNet has said I should get 2 emails - I await them

Edited by blewit (Tue 15-May-07 16:20:29)

"Haven't they already checked a few other things and improved security in other areas? Do you think they aren't taking this seriously?"

remember at least two things
1. This is not by any manner of means the first time
2. It was pointed out by customers, they did not find it. A trojan was sitting on them and they had no checks in place to ensure that this did not happen.

Dave

I'm not sure if it is still the case, but some of the original older accounts didn't have Spam and AV facilites (it was an extra cost option). If it is still the case, could this now be allowed on all accounts regardless of whether they originally qualified or not please.

I've asked about that, will let you know the answer when I get it.

Will you also be providing clear instructions or assistance for people to aid them moving to new email addresses? I don't mean to another provider as I can understand that not beiing something the company would encourage, but to new PlusNet addresses that have not been harvested? Just another thought of something practical that could be done to alleviate future problems for customers.

And possibly revisit some of the longstanding requests regarding security improvements such as adding SSL as an option for all communications with the mail servers.

So reading the latest announcement:

"This list was obtained from our Webmail platform and includes accounts that customers have used to login to Webmail, as well as some email addresses contained in customers' online address books, and addresses customers have sent to using our Webmail service.

and

One of six @Mail servers was attacked and it is possible that customers connected to this server during the incident, may have had their login details observed. Purely as a precaution we advise customers to change their account password by visiting our website..."

So not only is my address compromised but potentially some of my friends and colleagues 'private' addresses and my account details too, oh this goes from bad to worse!

What are the chances they also copied message contents while they were on there?

OIMO

This is something I've been concerned about too.
I suspect (but obviously have no proof) that whomever is behind this grabbed the entire database and has since filtered through it for email strings. I guess the alternative is they did the leg work on PlusNet's own servers and ran a query for all email address strings on the mail server itself, then dumped and outputted just those. For the sake of PlusNet and it's customers I hope they used the more elegant solution. But brute force often wins out...