back to article A cautionary, Thames Watery tale on how not to look phishy: 'Click here to re-register!'

Thames Water found itself in warm, er, water this week after a clunky migration effort left customers receiving emails that looked like a particularly sophisticated spear-phishing attack. A Register reader got in touch after receiving an email purporting to be from the company and requesting that he re-register his online …

  1. Blockchain commentard

    If not all data was transferred, it begs the question - have they lost any customers who'll now not get billed? That'd certainly be a selling point !!!!

    1. JohnFen

      More importantly, would the failure to exist in the new billing system cause customers to get their water shut off when their failure to pay is noticed?

      1. Anonymous Coward
        Pint

        You can have your water, but you'll have to pass it first.

      2. katrinab Silver badge

        It is illegal for them to shut off water for non-payment.

    2. Anonymous Coward
      Anonymous Coward

      Well, here a few years ago Regione Lombardia started to send many requests to pay "unpaid" road taxes for the past years. Strangely, it was sent to many people who actually paid it.

      I'm quite sure they lost the data, and thought it was a good idea to send those requests - those who had paid would have sent the receipts, those who no longer had the receipts would have paid again (bonus!), together those who actually didn't pay.

      So, if Thames Watery just asked to re-register, it was the less evil....

    3. chivo243 Silver badge

      My guess is that their data\billing was not all centralized in one office, and data from one location is lost, corrupted or skipped due to programming error?

      1. Peter X

        Certainly smells like data-loss somewhere, but they don't want to admit it.

      2. Degenerate Scumbag

        All Thames Water's customer accounts were centralised on an IBM mainframe decades ago.

        1. xanda
          Mushroom

          Privacy apparently...

          "...centralised on an IBM mainframe..."

          We found it curious that Thames Water insisted how the need to re-register was for privacy reasons,which sounds like a half-baked 'dog ate my homework' cover for 'Yes, we really didn't think this through'.

          Turns out both are true. Accounts have been ported to some Microsoft backend service a consequence of which leaves LastPass scratching its head (so much for bookmarking then).

          The site now reports NET::ERR_CERT_DATE_INVALID - which is nice...

  2. Anonymous Coward
    Anonymous Coward

    "it could all have been avoided with a bit of Perl."

    Probably too expensive - it would have been a perl of great price.

    1. David 132 Silver badge
      Coat

      Besides, for a water company, they should be using the C language.

      Sea? Oh, please yourselves. Tough crowd.

      1. Richard 12 Silver badge
        Coat

        Probably gone a bit Rust-y

        1. Anonymous Coward
          Anonymous Coward

          Where's the soap ?

      2. Anonymous Coward
        Anonymous Coward

        At least you didn't suggest Coral !

      3. Korev Silver badge
        Coat

        Can't they just use Unix pipes?

        1. Anonymous Coward
          Anonymous Coward

          The data won't flow.

    2. macjules
      Coat

      Perhaps they could use Ruby, if Perl is too expensive.

  3. Joe 3

    Why no subdomain!?

    How amateurish that they registered a dodgy-looking domain to handle their email links, instead of just setting up a subdomain.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why no subdomain!?

      Don't complicate things with that newfangled domain forwarding witchcraft. It'll only confuse these outsourced IT departments that can't do proper migrations in the first place. How you lose "some" customers records in the first place is beyond me, should it not be all or nothing once you map them over? Unless they really couldn't do it and everyone has to re-register first so they can actually do the rest of the migration using the account number.

      1. Psmo
        Pirate

        Re: Why no subdomain!?

        everyone has to re-register first so they can actually do the rest of the migration using the account number

        Asking for a re-registration is a good way of identifying when contact details are stale - which is a huge problem for historic utility companies.

        To those who reckon this will result in cutoffs:

        If they can't find the client, what's the betting they've lost the meter too?

        1. Anonymous Coward
          Anonymous Coward

          Re: Why no subdomain!?

          Indeed but realistically they should be able to extrapolate who is still billing or is a live account. Relying on customers to re-register is only going to lead to massive problems.

        2. DontFeedTheTrolls
          Headmaster

          Re: Why no subdomain!?

          "If they can't find the client, what's the betting they've lost the meter too?"

          Call me cynical, but if there's one thing you can guarantee they haven't lost its the meters. It will have been number one on the list of requirements to ensure all meters were transferred.

          1. Psmo

            Re: Why no subdomain!?

            For small businesses and personal contracts, sure.

            When you're dealing with Council and business accounts over 50 years, though (don't forget we're dealing with Thames Water), it can be a dog's recycled breakfast.

            And don't forget that the reason pipe marks are made on the pavement when works are being put in is because often the pipes are not where they are supposed to be...

      2. commonsense

        Re: Why no subdomain!?

        You run it on one record, it works fine, and then let it run through every record, and then see it fail miserably when it gets to "Mr Customer O'Water"

        1. el_oscuro
          Coat

          Re: Why no subdomain!?

          What happens if someone is named "O'Water; drop table customers; --"?

          1. Nick Kew
            Coffee/keyboard

            Re: Why no subdomain!?

            So when were you last a customer of Thames Water?

          2. Phil W

            Re: Why no subdomain!?

            You mean little Bobby watertable?

        2. Anonymous Coward
          Anonymous Coward

          Re: Why no subdomain!?

          Then clearly you aren't sanitising your migration properly. A simple bit of code would do that.

          1. jonathan keith

            Re: Why no subdomain!?

            I do hope that code will also check for truncate table too...

        3. Killfalcon

          Re: Why no subdomain!?

          I had an absolute bear getting my account away from nPower when I moved because they had my name down as "Mr The Occupier".

          I don't entirely understand how they managed to have the correct bank details and not put my name on the account. When I called them to say Id moved house (and, thank the gods, supplier as well) they were a bit "we need to talk to Mr Occupier" at first, bless their incompetent hearts.

          1. ibmalone

            Re: Why no subdomain!?

            Thẽ O'Cuppier is obviously a child of Irish and Vietnamese parents with French heritage many centuries ago.

            1. A.P. Veening Silver badge

              Re: Why no subdomain!?

              I am not aware of a French heritage in Ireland and in Việt Nam it isn't that long ago (1887 - 1954), but it sure deserves more than one upvote.

              1. ibmalone

                Re: Why no subdomain!?

                There's the Normans, all those Fitz-es, although people forget the French connection, but the group that come most readily to mind are the Huguenots. I was looking for an excuse for O' with a French sounding ending, but in reality don't think any French surnames were ever actually O'-ified (interestingly both O'- and Fitz- are originally patronomics).

                1. A.P. Veening Silver badge

                  Re: Why no subdomain!?

                  There were a couple of Normans that went west, but they landed at Hastings (in 1066) and didn't sail westward again for a couple of centuries. And the protestant Huguenots didn't go to Catholic Ireland. Lots of the ended up in the Netherlands and South Africa. And yes, O' usually means "son of", just like "Mac" and "Mc" (but not in the case of Machiavelli ;) ), while "Fitz" means "bastard son of". For that matter, I don't understand those Yanks giving their sons (mostly middle) names starting with "Fitz", one of the more well known ones being John FitzPatrick Kennedy.

                  1. ibmalone

                    Re: Why no subdomain!?

                    It does seem bizarre (I'm Sorry I Haven't a Clue once started a recording somewhere in NI with the story of the "Huguenots who fled to Ireland to escape religious conflict"...), but it is true. You have to remember there were all kinds of non-conformist churches (the Ulster Folk museum has a family tree of the various sects somewhere), and the Huguenots contributed to the success of the Irish linen industry: https://www.culturenorthernireland.org/features/heritage/huguenots-ireland

                    1. ibmalone

                      Re: Why no subdomain!?

                      (Should have added, we also had school trips to a whooping great Norman castle... https://en.wikipedia.org/wiki/Carrickfergus_Castle )

    2. Tom Wood

      Re: Why no subdomain!?

      Indeed. And if I were a phisher I could even register a much more convincing looking domain than online-thameswater.co.uk - for example thames-water.uk is available at time of writing.

      1. ibmalone

        Re: Why no subdomain!?

        On that subject, "online-thameswater.co.uk" somewhat suggests "thameswater.co.uk" is for offline use.

  4. Anonymous Coward
    Anonymous Coward

    Messed Up Security Questions - Lost Data

    I re-registered before i received the e-mail - and one of the security questions failed to implement the correct answer.

    Also - the loss of data is an annoying aspect. They asked for feedback every time you log in, and i always requested the ability to download your data as a CSV, but this never materialised. Now with the loss of data - tracking your past usage is much harder.

    As per telephone bills, they should allow you to see your usage on a day by day basis in document form, if the data is there.

  5. davenewman

    That's why I get them to send me paper bills

    I never trusted their IT systems.

    1. Inventor of the Marmite Laser Silver badge

      Re: That's why I get them to send me paper bills

      And how do you think those paper bills are prepared?

      1. Anonymous Coward
        Anonymous Coward

        Re: That's why I get them to send me paper bills

        They use printers of course.

  6. Psmo

    I reckon it's about stale contacts

    I've worked on a couple of historic utility company CRM systems and migrations.

    You have twenty contacts that are the same person, with four email addresses, one of which is a redirect following a buyout and one of which is invalid.

    And then you find that it's not the same person, but one is a former colleague that took over their accounts for some sites but didn't change the name on the account, just the email.

    Not excusing Thames Waters ham-fisted migration in this case, but forcing a contact renewal every ten years or so just makes sense.

    Your script will only help when that twenty becomes two hundred, but it only goes so far.

    1. Pascal Monett Silver badge

      Re: I reckon it's about stale contacts

      I agree. CRM data is often a total mess, and that does not help when migrating to a new system.

  7. FrogsAndChips Silver badge

    It's even worse than described

    The email I received didn't show my original account number, but the new one they had created for me, so I had no way of knowing whether the email was legitimate.

    So I logged into ThamesWater as usual (i.e not through the email link), couldn't find my new account number but was invited to re-register, so I decided the email must have been genuine, and used the new account number they had sent me. Account details were ok, so minor hassle in the end.

    That's when things turned out even weirder. I logged out (or was logged out), and when I tried to log back in, my password didn't work (the same password that had worked 5 minutes earlier). I used the 'reset password' link and received a nice, secure new password by email: "bdcee4", kid you not. Except, this password didn't work! So I tried my initial password again, this time it worked but I was prompted to change it anyway. All right I thought, I'll just copy/paste my current password twice: error, the passwords don't match! WTF? Copy/paste again, and I notice that the password string looks "2 bullets" longer (or shorter) in the "Confirm password" field. Yes, one of the fields will happily accept 18 chars or more while the other is limited to 16! Removed 2 chars, and my 'new' password was accepted.

    So now I have a brand new account number (was that really necessary?), and my password is 2-byte less secure (that really wasn't necessary), Thanks TW!

    1. a_yank_lurker

      Re: It's even worse than described

      The outsourced outfit probably outsourced to someone else who promptly outsourced to the eventual coder.

  8. Doctor Syntax Silver badge

    Wouldn't it be a great id for Thames Water to reassure their customers that this is genuine. If only they had a website where they could inform the public of what's going on.

    There is a website at thameswater.co.uk but it can't be genuine. All it does is issue self-congratulatory pats on the back to Thames Water instead of admitting that they've made a balls-up.

    1. Degenerate Scumbag

      It's official management policy in Thames Water to declare any failure a success. Like when they spent £250 million building a desalination plant that was supposed to have a 150MLD capacity, but can barely run for more than a couple of days at 25MLD. Didn't stop then CEO Martin Baggs from singing its praises in a self-congratulatory wank-fest of an opening ceremony.

      1. A.P. Veening Silver badge

        It's official management policy in Thames Water to declare any failure a success.

        Luckily for them, they don't have the reverse problem.

  9. Twanky
    Flame

    Unsure?

    "We're sorry for any concern this has caused and always encourage our customers to contact us if they're ever unsure about any letters, emails, calls or visits they receive from us or anyone claiming to be from Thames Water."

    So every time those bloodsuckers at HomeServe send scare letters under the Thames Water logo we should contact them?

    As for the migration and re-registration cock-up... pratts.

    1. paulf
      Terminator

      Re: Unsure?

      It's more than just TW passing customer information to the charlatans at Homeserve. I get them from my current water company, and the previous one before I moved.

      Worth noting that anything that looks water company related, but is really spam from Homserve, is marked "Marketing information enclosed" somewhere on the envelope. Just scribble over your address, write "Return to sender not known" and pop in the nearest post box. Let them deal with their own shite. It's never caused a problem back to my water company. Alternatively I open it, and fill the reply paid envelope with a selection of the take away, taxi and estate agent leaflets I get through the door and send it to them. See how they like getting some of my junk mail!

      1. Anonymous Coward
        Anonymous Coward

        Re: Unsure?

        Returning mail is always better if it is first taped to a rusty cylinder head

  10. Degenerate Scumbag

    Do not trust any public announcements from Thames Water regarding any issue at all. There is barely anyone left in the company that actually knows what they're doing, and the customer communication is left in the hands of totally clueless people.

    This extends beyond IT issues, and into the realm of operational matters and public safety. One example occurred last year during a burst main event in Hammersmith. They actually tweeted out that discoloured water is safe to drink. (It most certainly is not; they probably meant aerated water, but the people sending these public communication simply have no clue.)

  11. Mike 137 Silver badge

    Not an IT problem - a thought process problem

    Anyone who uses unecrypted unauthenticated email for sensitive transactions must have their brain switched off. Such email is the equivalent of sending a postcard written in pencil via an untrustworthy courier. Nevertheless, it's now deemed sufficient for the forming of contracts.

    Brave new world!

  12. DontFeedTheTrolls
    WTF?

    "The problem, ..., was that not all data had survived the migration from the company's 40-year-old billing system to something new and shiny"

    One of two scenarios:

    1. They planned not to migrate all the data, in which case WTF were they doing sending out communications in they way they did; or

    2. The migration failed and data was lost (did not survive) in which case WTF were they doing during the testing and trial migrations?

    Either way WTF!

    1. Anonymous Coward
      Anonymous Coward

      Migration isn't trivial in most cases.

      "2. The migration failed and data was lost (did not survive) in which case WTF were they doing during the testing and trial migrations?"

      They didn't have any, obviously.

      You need actually compentent people to make migrations like that, as it's a given that some of the data in old system is pure crap and needs to be sanitized first.

      That costs money, so they skipped it, put some general rules "field x into field y" and migrated everything. Afterwards they realize >3% of data is missing as migration script couldn't fit field x content it into field y.

      One typical reason for that is that old field is 7-bit (or 8-bit) ASCII and new field is UTF-8, similar length. "Data can't grow while being migrated!". Right.

      Add single special character and oops, data overflow, reject whole record. And no data in new system.

  13. T 7

    Phishy fishy FISH

    I get regular emails to my nhs.uk account asking me to open the attached encrypted html file. They are genuine, from ESR, the electronic staff record people. The thing is, no matter how hard they scratch their heads, peeps cannot work out how wannacry got into the system and why people felt safe to click such emails.

    If the good guys continue to engage in bad guy practice, the end user won't know which emails to trust and which not to. And I have reported at least 2 unsavoury emails to Trust IT departments that were truly bad.

  14. Anonymous Coward
    Anonymous Coward

    Legacy CRM...Oh Joy!

    Once upon a time, in a land far away, there was a big retail company. This big retail company had a lot of customer databases (was it twelve? I can't remember.) Anyway, they decided to have a project to merge all these databases into ONE BIG DATABASE.

    *

    When the project was nearing launch time, the VP nominally in charge of the project decided to see just how he (it was a he) figured in the new merged database. What he found was that he appeared at least four times in the database. When he asked the IT people about just how the project had merged the records, this is what he found:

    - He had lived at multiple addresses as he transacted business with the company as a normal retail customer

    - Over the years he had used multiple credit cards to transact business

    - He had appeared in many of the original databases

    - The algorithm used to "merge" records had decided that some of these separate database identities were different customers

    - The algorithm had even decided that multiple records in a single original database were different customers (address and credit card differences)

    *

    Ah.....the joys of legacy Customer Relationship Management. Welcome to the future!!

    1. Anonymous Coward
      Anonymous Coward

      Re: Legacy CRM...Oh Joy!

      By the way, in the USA it used to be common for companies to use Social Security Number (SSN) to identify individuals. Quite apart from the privacy problem, the idea was that SSN was unique to an individual. Alas, not so. It turns out that the Social Security Administration has issued duplicates an unknown number of times.

      *

      To really screw things up you need a government AND A COMPUTER!!

      1. A.P. Veening Silver badge

        Re: Legacy CRM...Oh Joy!

        To really screw things up you need a government AND A TWO COMPUTERS!!

        Fixed that for you, a single computer won't give out duplicate SSNs.

    2. Psmo
      Mushroom

      Re: Legacy CRM...Oh Joy!

      Just repeat the mantra:

      Automation makes our lives easier...

      Automation makes our lives easier...

      Automation makes our lives easier...

      Replace with Paperless office, AI, CRM, DevOps, Agile or systemd according to taste...

  15. adam payne

    The problem, according to a spokesperson for Thames Water, was that not all data had survived the migration from the company's 40-year-old billing system to something new and shiny.

    How does data not survive migration? unless this is a data clean up exercise.

    1. Anonymous Coward
      Anonymous Coward

      Character sets are difficult things

      "How does data not survive migration?"

      Easily. Old system has freeform text, new system has formatted fields and cross-checking and all bells & whistles, while old system was basically automated version of pen & paper.

      The amount of crap inserted to this kind of systems is staggering and migrating that to any system which verifies the data first is nigh impossible: Can't verify the data.

      Then there is this physical conversion from 7-bit ASCII to UTF-8 .... 32 chars(bytes) does not fit to 32 bytes any more, even single special character is enough if the field is full.

      Here in North we have ÄÖÅäöå and each of those is at least 2 bytes in UTF-8 ... somehow data grows while being migrated.

  16. Anonymous Coward
    Anonymous Coward

    Ah Thames Water.

    The cleanest water in Europe. It's been filtered through 8 people before it reaches you.

  17. Anonymous Coward
    Anonymous Coward

    Smart meter

    No doubt the new system will more easily link to the smart meters being foisted on Londoners.

  18. sitta_europea Silver badge

    So I have to re-register so they can send me a bill?

    Oh, quick! Where's my, er, where did I put... dammit why can't you find a computer when you really need one?

  19. A.F-G

    Two months later, it's still not finished...

    Hi, El Reg team!

    You may want to follow-up on this story... someone asked in the comments if they lost some data during transfer... well, I can confirm to you that Thames Water created a move on my account, affecting me a new meter and a new address (that I've never seen in my life), leading to billing problems. All happened around the 14/15/16 October, obviously. And getting an answer and a cancellation seems to be quite an ordeal.

    Antoine.

    PS: also, there's this story about login.microsoftonline.com ... and they payment processor which redirects you to some third party website (worldpay) without any reference in the frame asking for your banking card details...

    1. diodesign (Written by Reg staff) Silver badge

      You may want to follow-up on this story...

      Thanks a lot - I've pinged this on to the news team.

      C.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like