Just a heads up to make you aware that we are in the process of sending the following E-Mail to customers who have logged into the Portal Forums recently :
Title: PlusNet Discussion forum passwords
Dear <customer name>,
It recently came to our attention that a potential security problem existed on our website discussion forums. It could have been possible to exploit the forum software, and retrieve an encrypted copy of the password details we hold for your account.
As a user of our forums, we are now emailing you to advise you of this, and of the next steps you should take. Although we have no evidence that a malicious attack has occurred, we can confirm that one of our customers proved this vulnerability, and subsequently contacted us. We would like to publicly thank that individual, and we have had assurances that any data obtained has now been destroyed.
We are now asking all customers in receipt of this email to change their account password as soon as possible, purely as a precaution. This can be done on-line, by going to our member centre website at http://portal.plus.net
This only affects customers who have not used a ‘strong’ password that is not easy to guess. It’s always good practice to make sure you change your password on a regular basis. Take a look at the advice on http://www.plus.net/support/security/index.shtml for more information about how you can improve your online security.
At this point, I would like to reiterate that confidentiality of customer data is of the utmost importance to us. We have recently undertaken a full security audit of our Portal services, and recently employed an external consultancy to undertake a full intrusion test to our internal network and backend systems.
Plusnet Comms Team
You can find the discussion topic for this announcement >>> here <<<