Slashdot Mirror
ISP Closes Webmail After Spammers Get Addresses
An anonymous reader writes "Error prone British ISP PlusNet, who you might remember for accidentally deleting 700GB of customer's e-mail last year, have done it again with a major security gaffe.
Their webmail service was compromised this week, and spammers got hold of customers' e-mail addresses who they've been happily spamming away ever since. They've since made the decision to close their webmail service, in the ultimate admission of incompetence for the now BT owned ISP.
In an e-mail to their customers, Network director Phil Webb goes on to recommend that their customers install security software, along with telling them that they shouldn't call up to complain. One might suggest that they need to practice what they preach."
Old people. In Korea.
Not all that surprising, this is a company whose account password policy is 5-8 characters, all lower case, no non-alphanumeric characters. I've been with plus.net for ages, they seemed fantastic after my truly awful experiences with Demon, but they've been much worse recently - they broke routing recently so that I couldn't connect to my work VPN for days. Anybody recommend any other decent UK ISPs? I hear good things about Pipex.
Their webmail service was compromised this week, and spammers got hold of customers' e-mail addresses who they've been happily spamming away ever since. They've since made the decision to close their webmail service, in the ultimate admission of incompetence for the now BT owned ISP. In an e-mail to their customers...
It's unlikely they'll actually be able to read this email given the fact that they're now drowning in spam...
Summation 2
I always worry about this. I use my gmail account as a sort of backup, just in case my laptop decides to fail. And I also keep loads of emails there with important information I may need later. I treat it as my safety net, but what if this was to happen? I understand that google and this ISP are probably years apart (as far as security and technology), but it still makes you wonder. Now I feel like making a backup on a thumbdrive, saving it on a dvd-r, etc.
PIPEX are looking to be bought out. Maybe by tiscali.
Get a real ISP, like Black Cat Networks or Andrews and Arnold Ltd. Alternatively, UKFSN (an Enta.net reseller) are pretty good, if you're tighter around the pocket.
[Captcha: protests]
Customers of this ISP may want to check to see if they can take action against them under the data protection act.
in particular, the sections:
"Personal data should be securely kept, and not transferred to any other country without adequate protection."
and
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."
( http://en.wikipedia.org/wiki/Data_Protection_Act )
0845 is _NOT_ local rate...
It is LO-CALL rate, which is a revenue sharing service. It is charged at the same cost local rate calls used to be in the early 90s, and it is always charged by the minute regardless of your phone service plan. Also, inclusive minutes usually don't count for calls to 0845 numbers.
BT charge a flat rate of 5p for a 1 hour national landline call at evenings and weekends on their lowest call plan, a 1 hour evening or weekend call to an 0845 number would cost 120p evenings and 60p weekends. BT's higher calling plans (options 2 and 3) charge you nothing for the first 60 minutes to a national number at evenings or weekends (again 0845 arent included) and in the case of option 3, also during the day.
What's worse is, a share of the call revenue goes to the company operating the number (which is why BT can't offer free calls to 0845) which gives these companies an incentive to keep you on hold.
In essence, 0845 really is premium rate. It may be a lower per-minute cost than 09 premium rate numbers, but it works in just the same way.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!