cancel
Showing results for 
Search instead for 
Did you mean: 

New email security breach at Plusnet ? (Feb 2016)

Community Veteran
Posts: 5,472
Thanks: 292
Fixes: 4
Registered: ‎11-08-2007

New email security breach at Plusnet ? (Feb 2016)

The Plusnet UserGroup, if I understand correctly, is/was an enthusiast/customer maintained usergroup (from the 'Force9' days), independent from Plusnet, other than it appears as a subsection on the Plusnet website.
In the UserGroup section of the website, there is a UserTools subsection, a collection of useful applications which I assume were all written and maintained by the UserGroup.
Within the UserTools, there is the very useful Service Status Email Updates subscription based mailing list, which emails Plusnet Service Status announcements to interested customers.

My question is, who is currently responsible for maintaining this mailing list, is it the UserGroup, or do Plusnet hold the email database ?
5 REPLIES
Superuser
Superuser
Posts: 9,888
Thanks: 1,252
Fixes: 71
Registered: ‎06-04-2007

Re: Who maintains the email addresses used by Plusnet Usertools ?

The UserTools Service Status mailing list is managed by the UserGroup. Subscribers sign up and unsubscribe using the application on the website which was written and is maintained by the UserGroup.
The MySQL server which holds the database is administered by Plusnet.
David
Community Veteran
Posts: 5,472
Thanks: 292
Fixes: 4
Registered: ‎11-08-2007

Re: Who maintains the email addresses used by Plusnet Usertools ?

The reason I ask, is that in the last few days, I have received SPAM to the unique email address which has specifically only ever been used for the purpose of being on the "Service Status" mailing list.
I have checked back though about ten years worth of emails, and can confirm that I have never previously received any messages to this specific address which didn't originate from the expected service status source.
In addition, looking at the SPAM message header, it contains other Plusnet customer's email addresses which have also been specifically used to receive this service status information.
   i.e.   typically along the line of     <PnServiceStatus@AnotherPNcustomer.plus.net>
The message looks like fake "Tracking Information" supposedly from DHL.com,
however the source address is clearly an unrelated spurious domain in India.
I already have complex message filtering to trap the hundreds of daily SPAM caused from the previous Plusnet email security leaks,  but this is the first appearance of SPAM to my unique service status mailbox.
Because I know the pattern and timing of how all the other SPAM arrives, it seems extremely unlikely that this new SPAM to my "Service Status" mailbox is in any way related to any previous Plusnet security leaks, as all the previously leaked mailboxes get hammered 24/7, so if this mailbox had been previously harvested then I would have expected that it would have been targeted before now.
Has there been yet another security breach at Plusnet ?
Cry
Community Veteran
Posts: 19,102
Thanks: 443
Fixes: 21
Registered: ‎31-08-2007

Re: New email security breach at Plusnet ? (Feb 2016)

As Plusnet had very little to say about the previous security breach, if there has been another, I'd guess we won't see much (if any) response Roll eyes
Community Veteran
Posts: 5,472
Thanks: 292
Fixes: 4
Registered: ‎11-08-2007

Re: New email security breach at Plusnet ? (Feb 2016)

It's been over a month since I posted this topic, and as you can see, there has been no official comment !  Crazy
It's not like the staff haven't read this thread, as I've watched most of them visit this topic - by regularly using "Who's OnlineAngry
After the previous email leaks, and the following lack of interest from Plusnet, I wasn't really expecting a response,
but I just wanted to register my observations here, so as to be a heads-up to other forum members who may be affected.
Superuser
Superuser
Posts: 12,973
Thanks: 4,268
Fixes: 26
Registered: ‎22-08-2007

Re: New email security breach at Plusnet ? (Feb 2016)

Hope there will be an acknowledgement of the report here soon....