* Posts by AMB

1 post • joined 7 Dec 2014

Plusnet customers SWAMPED by spam but BT-owned ISP dismisses data breach claims


This is definitely not just a random spam attack

I'm very pleased to see that various people have already done a most excellent job in shooting Mr.Anon well and truly down in flames. What utter tosh Re: catch-all e-mail accounts !!! It is, almost without any doubt whatsoever, the full or partial release of a current(ish) customer e-mail database. The only true unknowns are the extent of the data involved, the effective date of acquisition by Mr.Spammer and how he managed to get his grubby mitts on it in the first place.

There are plenty of reports suggesting that the database is definitely post May 2007 breach data although I can add that it does also include data previously acquired in the 2007 breach that hadn't been changed. It's not just 'new', 'recent' or modified data. It appears to be 'current' data at a given date. It doesn't however appear to include any data from 'free', 'dormant' or otherwise unused and/or unpaid-for accounts. I have several A/Cs and countless e-mail addresses both ancient and current, used and not used, very public and mostly private. I also monitor every e-mail ever sent to my A/Cs and retain archives of all of them.

There is no dictionary attack. There is no easy-to-guess-words or common words attack. There is no even remotely similar spam to other well used and well known addresses or even to various other addresses previously compromised by PN. This current spam attack is *ONLY* being directed to the primary e-mail address for my primary A/C. I have no need for smoke and mirrors. No need to wriggle, squirm or otherwise sound embarrassed trying to defend the indefensible. And certainly no need to make stuff up. Comprehensive archives going back to 2007 confirm everything that needs to be said: The spam campaign starting on 14th November currently solely consisting of VERY identifiable spam is ONLY being directed at one solitary e-mail address out of what is effectively an infinite number of potential e-mail addresses.

Based on all the 'evidence' posted in various places, the only plausible conclusion to this story is ... PN are being substantially less than entirely honest I'm afraid. It is implausible that so many customers could have suddenly seen the exact same problem at the exact same time from the exact same source purely randomly. There has to be a connection and that connection almost certainly has to be PN. Whilst it needs to be accepted that the data may actually have been physically acquired from elsewhere, the original source of the data, the responsibility for the data and thus the root cause of this problem IMHO has to be PN.


Biting the hand that feeds IT © 1998–2021