cancel
Showing results for 
Search instead for 
Did you mean: 

Potential email address leak?

Highlighted
Community Veteran
Posts: 5,584
Thanks: 357
Fixes: 6
Registered: ‎11-08-2007

Re: Potential email address leak?


@Townman wrote:

OK so from the above, a simple question: in who's domain / control / environment is the pug service hosted?


According to this - Re: Who maintains the email addresses used by Plusnet Usertools ?

 


@spraxyt wrote:
The UserTools Service Status mailing list is managed by the UserGroup. Subscribers sign up and unsubscribe using the application on the website which was written and is maintained by the UserGroup.
The MySQL server which holds the database is administered by Plusnet.

 

Plusnet FTTC 80/20 IPv4/30, Hurricane Electric 6in4 IPv6/48, Pulse8 landline & calls, SamKnows 600N
Vigor 130 modem, pfSense 2.4.4-p3 router, 5 WAPs, Devolo dLAN 500, Gigaset N300A-IP VoIP DECT
Highlighted
Grafter
Posts: 486
Thanks: 2
Registered: ‎27-07-2007

Re: Potential email address leak?

Today I received the stage 2 emails with infected zips.

Highlighted
Grafter
Posts: 486
Thanks: 2
Registered: ‎27-07-2007

Re: Potential email address leak?

Correction to my previous post - I only received the message to the Usergroup email address and not the Service Status email address.

 

Today, I received another spam email to my Usergroup email address only, with a probably unfriendly attachment.

 

 

Highlighted
Grafter
Posts: 486
Thanks: 2
Registered: ‎27-07-2007

Re: Potential email address leak?

There has been a shift in style of the emails sent to my leaked email addresses.

 

Maybe this is another leak, the list of leaked details has been shared.or the spammer is getting busier.

 

Today I received two emails with zip attachments. This has included the Service Status email address again.

 

I also received a single spam email message that had been sent with both of the email addresses as recipients. I think this support the possibility that the emails are being treated together and were probably received together in a form that linked these addresses together.

 

As I mentioned in an earlier post, there was probably a single set of data that has been leaked, and this new evidence is inline with that theory.

 

So Plusnet, who would have access to both sets of information and to have the knowledge to link the information together? You tried to shift "blame to a third party" who operates the User Group service. So, if they leaked the usergroup email addresses, how could they leak my service status email address, unless Plusnet shared it with them - did Plusnet leak the service status email addresses to that third party?

 

... or is the simplest solution still that Plusnet allowed a single merged set of data to be leaked?

 

The spammer has linked these email addresses together. How? Does it mean they have another piece of my personal data that is common to both addresses?

 

So, Plusnet, are you ready to face up to the gathering evidence?

Highlighted
Pro
Posts: 1,163
Thanks: 33
Fixes: 7
Registered: ‎04-11-2011

Re: Potential email address leak?

Umm... You do realise that the service status emails are also handled by the same third party? If you look back in the thread it already says this.

Please don't take my post as rude or anything negative. Just wanting to help out and get to the facts of the matter.
That's RPM to you!!
Highlighted
Grafter
Posts: 486
Thanks: 2
Registered: ‎27-07-2007

Re: Potential email address leak?

Thanks for your interest.

 

Are you sure about the "service status" emails?

Highlighted
Pro
Posts: 1,163
Thanks: 33
Fixes: 7
Registered: ‎04-11-2011

Re: Potential email address leak?

Yes, as far as I'm aware the status emails have always been handled via the user group tools site. Just ask @spraxyt (David) about it, see if he's seen anything suspicious.

I've been using a gmail address for my service status emails, I've not seen any spam like the ones you've been cataloging. Their spam filters probably stopped them from even appearing.
That's RPM to you!!
Grafter
Posts: 486
Thanks: 2
Registered: ‎27-07-2007

Re: Potential email address leak?

Thanks for clarifying that. I had missed the significance of the comment.