Braking news: AA password reset email cockup crashes servers

Motoring monolith stalls as punters slam into website

UK car insurance giant the AA caused all sorts of confusion on Monday after accidentally sending out a "password update" email to people.

The alert led to motorists rushing to log into the motoring organization's website to change their passwords, only to overload the servers and effectively run them over. Brits were furious after discovering that they couldn't access their profiles, fearing hackers had broken into their accounts and changed their passwords.

In reality, no passwords had been changed and people couldn't log in purely because the servers couldn't keep up with demand, according to the biz, which offers driving lessons, vehicle insurance and loads of other stuff.

The AA took to social media in its attempts to allay concerns: "The email was sent by us, but in error. Your password hasn't been changed, and your data remains secure. Sorry for any confusion," it said.

Earlier responses from the AA were somewhat unclear, and might have been read as saying a widespread phishing attack was taking place. Not so. The dodgy emails were triggered by an inexperienced staffer pressing the "wrong button" or similar, rather than hostile hacker action.

Security pundit Graham Cluley added: "*That* email did come from the AA... but err, they didn't mean to send it. No data breach, and no need to change your password." ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017