Bye bye plusnet

[mejinks]

hmmm, they give a static ip address too? They are cheaper than PN also. Are they reliable?

[CliffyG]

Aye they give a static address and as far as i can remember have great up time (not 1 outage of note i can think of). Lovely download speeds too. Check out Entanet (ukfsn fall under their umbrella) on the www.adsguide.org isp comparison thingy. Top ratings on everything.

I'm on the office 45 option, 45 gig peak 300 off peak with 866 upload .

[Garp]

Quote:

Originally Posted by Feek

http://www.theregister.co.uk/2007/05...am_attack_may/

I like how The Register does sensationalist journalism.

First line of the story..

Quote:

Gaffe-prone ISP PlusNet has had its email database stolen and its users' accounts bombarded by spammers.

Then at the end:

Quote:

PlusNet has not revealed whether it has been hacked or if the data was obtained illegally some other way. It said it was still investigating the spam attack and would provide more info this afternoon.

So in other words there is no indication that their database was stolen at all, its just El Reg mouthing off again. There are myriad ways to gather e-mail addresses without even touching a database.

[mejinks]

The thing is, behind the scenes (I used to go to college with somebody who is a senior tech) They think that the addresses were harvested from a badly written piece of code on the webmail platform or from an asset disposed piece of kit. However, you are right, the register does have a penchant for sensationalist journalism.

[Desmo]

UKFSN have been great so far. I'm on their 30/300 plan and it's great for what I need. Pretty much always get full speed from newsgroups too.

[mejinks]

Quote:

Originally Posted by Desmo

UKFSN have been great so far. I'm on their 30/300 plan and it's great for what I need. Pretty much always get full speed from newsgroups too.

Do you get binaries with the account?

[Desmo]

Don't think so, never looked into it.

[Mark]

Mejinks, you obviously have inside knowledge that I don't have. To an outsider who doesn't use PN's (or anyone else's webmail) the issues appeared seperate.

I also don't rely on ISP email for anything important - the PN email is a backup contact in case my main mail server goes down. This is why I have remained unaffected by all of PN's past email blunders - until now it would seem.

I'm still considering moving to Virgin in 3-6 months (once I have room for a new STB and money to replace my main router). I'll admit that I'm loathe to move ISP and risk breaking my internet connection - I consider things like ISP email and webspace to be expendable froth.

[Mark]

Quote:

We are currently dealing with a serious security incident that has resulted in a third party illegally accessing our Webmail database. The third party has acquired a list of email addresses for the purpose of distributing unsolicited email (spam).

We take the security of our customers' information very seriously and would like to reassure customers that the incident is being handled with the utmost importance and that at this stage in the investigation we believe no other personal information, including credit card details, has been disclosed.

We would like to assure customers that our incident team are working around the clock with the relevant authorities in order to resolve the situation. We have conducted a full platform audit and our network and software engineers are currently taking a number of actions to minimise any further risks to customers.

We became aware of an attack on Wednesday 9th May 2007 and immediately took our Webmail service offline to secure the platform. We promptly identified the source of the vulnerability and implemented a fix to prevent further attacks. We will provide full details on the vulnerability and actions taken in the incident report which we aim to publish on Friday 18th May 2007. At present we are working with our vendors and legal authorities so cannot expand further on this.

As a result of the attack a small number of customers may have downloaded a Trojan virus. This will only have affected un-patched Windows PCs with no anti-virus software installed. We are contacting affected customers by phone and email. If you have not received an email from PlusNet customer support today regarding this, your PC is not affected. However we always recommend customers have fully up-to-date Windows software and anti-virus software.

On Sunday 13th May 2007 we received reports that customers were receiving spam emails to addresses that had not previously received spam. Following investigation of these reports it became apparent that a third party had illegally acquired a list of email addresses. This list was obtained from our Webmail platform and includes accounts that customers have used to login to Webmail, as well as some email addresses contained in customers' online address books, and addresses customers have sent to using our Webmail service. It is possible that your email address may have existed in the Webmail database even if you had not used the Webmail service yourself.

This list is now being used to distribute spam email which continues to be sent to customers, and it is likely that this will continue.

One of six @Mail servers was attacked and it is possible that customers connected to this server during the incident, may have had their login details observed. Purely as a precaution we advise customers to change their account password by visiting our website. Please note if you change your account password this will need to be updated in your router or modem as well as your browser and email software.

We would like to sincerely apologise for the inconvenience to our customers and thank you for your patience whilst we continue to investigate and resolve this incident.

Further details will follow as they become available and a full incident report will be published on Friday 18th May 2007. In the meantime we would like to ask that you avoid contacting our Customer Support Centre regarding this issue as no further information is available at this time, we will provide all information that we have via Service Status and emails to customers.

So, one of their servers got cracked. The webmail system error reported above appears to have been caused by the cracker so is a consequence not a cause.

I will definitely not be amused if details beyond email addresses got leaked.

I've replaced all PN-related passwords, all other passwords that were similar to passwords on PN accounts, and all passwords that could possibly have been in emails stored on PN's servers. There goes my uptime. Anyone else still using PN, I strongly recommend they do the same whether or not you use PN's Webmail.

[Mark]

Yeah - I just need to get Sky out of the way (as in physically out of the way) first.