I've seen similar content spam messages to some of my PN compromised addresses on and off for ages now. Most prevalent in 2019 and earlier it has to be said though.
The primary data breach was in May 2007 with the webmail platform being hacked. Long out-of-date OS/software with known vulnerabilities resulting in a database containing virtually all PN customers' e-mail addresses being acquired. Even if, like me, you didn't actually use webmail you were still screwed because PN had pre-loaded the webmail system with all customer's account and contact e-mail addresses etc. just in case they wanted to use the webmail system. Also, any e-mail address that had been 'seen' in any customer's webmail account was compromised. If, for instance, you had sent an e-mail from, say, gmail to a PN customer who used the webmail system then your gmail address was almost certainly compromised.
A secondary data breach occurred in November 2014 although I think from memory that PN denied everything so it's unclear exactly what happened. However, there was absolutely no shortage of evidence from a good many reliable PN customers that various e-mail addresses allegedly known only to PN had been compromised. A shiny new and to all intents and purposes unused PN account that I'd set up 'just in case' following the 2007 breach suddenly started receiving spam and occasionally still does. The e-mail addresses being abused were only known to PN and PUG plus possibly also to one other PN customer who generally used PN webmail all the time. IMHO there was definitely a smoking gun in Plusnet Towers.
I also have a certain amount of evidence suggesting several other possible data leaks but nowhere near sufficient to be in any way sure that it was actually down to PN. I believe that there were also some data breach(es) during 2017/18/19 mostly relating to the billing system although I didn't appear to be affected
I'm still monitoring the use/abuse of my compromised PN addresses and accounts ... really must get a life ! However, I don't see any recent evidence of further PN breaches but I can say that the level of spam to all compromised addresses has been on the increase again after a fairly lengthy lull. From past experience this is typical in the run up to Christmas and other public holidays in general although it does seem worse than usual.
I've also had something very odd going on with one address and Amazon recently. A specific PN address used only to open an Amazon A/C and place one single order. The Amazon A/C was then closed shortly afterwards with all personal data allegedly being permanently deleted. However, it now receives regular phishing attempts that are mostly, but not exclusively, Amazon related. The address was known only to PN & Amazon and it was only in use and/or visible to anyone in any way for literally just a couple of weeks during October 2020.
to see ye olde weekly F9/PN Spam Volume Chart. More spam than you can possibly shake a stick at
Thank you Plusnet, grrrrrrrrrr ...
Edited by ambrougham (Thu 17-Dec-20 22:30:22)