Feeds

PlusNet goofs on passwords

Hole in forum software

Top 5 reasons to deploy VMware with Tegile

ISP PlusNet is warning customers who use its forums that their passwords could, theoretically, have been accessed by a hacker.

The company was warned by a customer that the vulnerability existed and fixed it quickly. But it has still sent an email to several thousand customers who could be affected by the glitch. Several unimpressed PlusNet punters forwarded the mail on to us.

The email reads: "It recently came to our attention that a potential security problem existed on our website discussion forums (http://portal.plus.net/central/forums/). It could have been possible to exploit the forum software, and retrieve an encrypted copy of the password details we hold for your account."

A spokesman for PlusNet said: "Even if this was exploited it would not give access to payment details. Someone could post messages in the forums or change account settings. We have not seen any multiple log-ins or strange behaviour to suggest this has happened."

The spokesman said customers with passwords which are also dictionary words rather than a mixture of words and numbers should change them.

The company has also informed the Information Commissioner of the problem.

More info from Plusnet here. ®

Internet Security Threat Report 2014

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.