General Discussion
  >> ISP Unhappiness


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread
Standard User RobertoS
(elder) Thu 10-Dec-20 21:01:27
Print Post

Plusnet data leak?


[link to this post]
 
I have just received an email advertising:- Heavily discounted, fully tenanted Doncaster city centre apartments from 90,000 pounds

It has come from an email address on one of my domains, with the part before the @ uniquely issued to and used on my Plusnet account for sending emails to me.

I migrated from Plusnet to AAISP several years ago.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
Experience shows us that love does not consist in gazing at each other but in looking together in the same direction.
Antoine de Saint-Exupéry.
Standard User ian72
(eat-sleep-adslguide) Fri 11-Dec-20 11:03:44
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
Are you sure it came from a PlusNet server rather than from a spoofed address? I get lots of emails from my email addresses but they do not come from my email server. If it didn't come from a PlusNet server and you have ever used that email address before then it is likely the "leak" was from somewhere else - ie one of the services that had your email address. You can put the email address in https://haveibeenpwned.com/ and see if it has been added to any leaked email address lists.
Standard User gary333
(experienced) Fri 11-Dec-20 12:00:23
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
In reply to a post by RobertoS:
I have just received an email advertising:- Heavily discounted, fully tenanted Doncaster city centre apartments from 90,000 pounds

It has come from an email address on one of my domains, with the part before the @ uniquely issued to and used on my Plusnet account for sending emails to me.

I migrated from Plusnet to AAISP several years ago.


All I can say is don't buy, there are no nice apartments in Doncaster for that price smile


Register (or login) on our website and you will not see this ad.

Standard User JennyCide
(newbie) Fri 11-Dec-20 12:02:58
Print Post

Re: Plusnet data leak?


[re: ian72] [link to this post]
 
I don't think he's saying that the email was sent by plusnet but that it was sent to a unique email address which should only be known and used by plusnet. I do the same thing - I use the format [email protected] for every company I deal with and have had the same thing happen multiple times. Often it's a rogue employee (often in call centres) selling contact details but occasionally it will be a hack and leak/dump of data.
I've found responses hard to get from most companies - I wish I could name and shame as some companies were superb in engaging and others were utterly abysmal and in denial (one international company were fined for a massive data leak in 2017 but I'd had issues with them over a decade beforehand and they were not interested in any proof or any help I offered whereas another UK pc supplier held daily calls with me for a fortnight even after I'd given them all I could, they still wanted to update me, getting me to liaise with the Incident Response team they brought in and I couldn't fault their investigation or response)

Do try to see if you can track the sender (use something like https://whatismyipaddress.com/trace-email) but it'll probably just be a gmail account. Any info you can gather will help

It is worth alerting the cybersecurity team in Plusnet but also the DPO (snail mail only ironically);
FAO: The Data Protection Officer
Plusnet Plc
The Balance
2 Pinfold Street
Sheffield
S1 2GU

If you can't get any link to the security team from their website or forums then look on linkedin - I usually find that if I politely approach people that way and ask to be directed to the right person to discuss a potential breach I get a reasonable response.
ISP Representative uno
(isp) Fri 11-Dec-20 12:12:58
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
Also factor in that this may not have been Plusnet at all. It could have also been any service in between i.e your email provider.

They will have logs of who you send mail to and receive mail from and a leak could have been from there also.

Matt

uno Communications
t: 0333 773 7700
uno Speedtest
The above post has been made by an ISP REPRESENTATIVE (although not necessarily the ISP being discussed in the post).
Standard User ian72
(eat-sleep-adslguide) Fri 11-Dec-20 12:15:50
Print Post

Re: Plusnet data leak?


[re: JennyCide] [link to this post]
 
I don't think he's saying that the email was sent by plusnet but that it was sent to a unique email address which should only be known and used by plusnet.
OK, re-reading it I think you are right.

However, putting the address on haveibeenpwned would show if it has been part of a known data leak and what that leak was.
Standard User RobertoS
(elder) Fri 11-Dec-20 15:21:19
Print Post

Re: Plusnet data leak?


[re: JennyCide] [link to this post]
 
Thanks Jenny. Exactly as you say, except it was a bit more complex than "company name". That would be a fairly simple one for a scammer or whatever to experiment with.

I'll do some checks later.

I have sneaking feeling/memory that there was a publicised Plusnet leak a few years ago.

It isn't an address that I ever emailed or replied to either. The sign-up/login type.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
Experience shows us that love does not consist in gazing at each other but in looking together in the same direction.
Antoine de Saint-Exupéry.
Standard User RobertoS
(elder) Fri 11-Dec-20 15:26:34
Print Post

Re: Plusnet data leak?


[re: uno] [link to this post]
 
That's a good point Matt, but I think unlikely in this case. Otherwise I would expect similar to have happened on several domains through the same mail host, over several decades.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
Experience shows us that love does not consist in gazing at each other but in looking together in the same direction.
Antoine de Saint-Exupéry.
Standard User E300
(member) Fri 11-Dec-20 15:41:50
Print Post

Re: Plusnet data leak?


[re: uno] [link to this post]
 
I do the same thing, use a unique bit before the @ as I have my own domain for email. I've had numerous leaks as well, a couple of times it has been companies long since closed, then all of a sudden emails start coming in to the email address. I assume in these cases some hardware has been found and spun up and data has then been extracted.

I've tried contacting companies and letting them know and I've never been able to get any of them to take any interest and its usually denials so now just don't bother.

It's become much less of a problem in recent years though for me, I can't remember the last time an email address that was unique to me has started getting spammed so companies seem to be taking it more seriously.

The adobe hack in 2013 I still get emails to this day, I never see them in my inbox though as the email address is black listed, but just see them now and again if I'm checking in the trash for something. Once hacked those emails seem to keep on coming.
Standard User ian72
(eat-sleep-adslguide) Fri 11-Dec-20 16:58:54
Print Post

Re: Plusnet data leak?


[re: E300] [link to this post]
 
I have had Linkedin leak an email address I used as part of their big data loss.

Also, Curse (gaming add-ons), Gotowebinar, IWOOT and William Hill have all had unique addresses that are now used for spam. I don't know if it was because they had a data breach or another means but it seems to happen a lot. Only Linkedin and William Hill show up on haveibeenpwned as being spotted in dark web lists so not sure why the others get spam.
Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread

Jump to