In that particular thread, it appears VM have advised the customer to use TLS in a letter around 2 weeks post-breach. Unless @7WalnutClose has skipped over the rest of the letter, this sounds like a ludicrous response.
Surely, it'd be prudent to either lock the account (such that no further spam can be sent) or force a password reset and then advise the customer to use a secure protocol in future?
With that in mind, can someone at VM explain the process of alerting customers of a potential breach please?
I'm all for promoting the use of TLS, however much of VMs infrastructure is woefully configured... and in many cases, completely & utterly insecure.
For example, the TLS certificate on virgin.net, blueyonder.co.uk & ntlworld.com are all invalid (expired, wrong common name, SHA1 signed, weak cipher suites et al). Quite how your admins have missed a cert which expired in 2015, I'll never know.