Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Password reset - different name (Investigating)

aaaanditsgone
Tuning in

on ‎14-11-2022 19:07

Hi,

My virgin media account password has been reset by someone else several times since last Friday. Shortly after it happens, I lose access to my email and have to reset the password to regain access. I have also changed the recovery answer to a long random string which didn't help.

Is there some kind of exploit with the password reset system that allows an attacker to bypass the recovery question? The last two password reset emails even show a different name to the one from my account.

Thanks

 

 

[MOD EDIT: Currently under investigation. Multiple threads merged]

331 REPLIES 331

hotmud
Up to speed
In response to Pumba

on ‎15-11-2022 10:41

Same here. Philip and Roger. Also blank. Password failed Friday 11th, I manually reset it and got the email to Philip. Then it failed again Monday 14th. This time  I was ROGER!

what the hell is going on VM??

scarletp
Superfast
In response to loscassidy76

on ‎15-11-2022 10:51

My son who has one of our secondary accounts received the same format email at 2pm yesterday 14 November 2022.

It was exactly as other users are receiving and addressed to Hello ROGER and said that the password had been changed successfully. etc.

Son had been unaware of the email until this morning as he had been unable to login due to his usual password not being recognized and spent a fruitless evening trying to access his mails. 

Today he has managed to change his password himself and all seems ok... so far?

What is going on?

podgorny
On our wavelength
In response to Finnred

on ‎15-11-2022 10:52

Yes they do monitor it and they are investigating this as they know it’s an issue. I have had replies from a VM forum moderator. 

Arbu
Tuning in

‎15-11-2022 11:01 - edited ‎15-11-2022 11:32

Since last Friday I keep getting "Login to server imap.virginmedia.com with username xxxxxxxxxxxxx failed." when I try to access my emails on my PC through Mozilla Thunderbird and similar problems on my phone. I can access them OK through the Virgin Media website. The first time I got the message I changed my password and, on updating this on my PC, it worked OK. But now I'm getting the message again. I've also had several messages that I have changed my password, addressed to different people. Yet I only changed it once.

How do I fix this?

0 Kudos

paulc010
On our wavelength

on ‎15-11-2022 11:21

Have had this happening since Saturday (blueyonder email address). Seriously concerned that their system has been compromised (either directly or via some security flaw exploit) and they are just sticking their head in the sand, as always. Customer service person assured me my account was "secure" after I changed the password, but it is clear to anyone that the account is far from secure.

Will be getting rid of all Virgin Media products just as soon as I can. Thankfully I'd removed this email account from everywhere (important) I was using it. A lack of effective 2FA makes their offering unfit for purpose.

Does anyone know what action triggers the password updated emails? The password change email isn't the same and doesn't have a name on it and doesn't refer to the password being "updated" - so it isn't the same mechanism I've been using to change it to get back in. 

Paul

Finnred
Tuning in
In response to podgorny

on ‎15-11-2022 11:38

Thanks for confirming
0 Kudos

ALF28
Super solver
In response to ALF28

on ‎15-11-2022 11:41

It is not unusual to get emails with the TO having an address that is not your own, this is usually where an email has been sent to a group of addresses using Bcc.  These emails may be clever fakes.

I often get them and regard them as dangerous spam or spoofed/forged emails.

Any email that is not address to yourself is suspect, or sometimes it is to recipients

It is best not to click on any links or images and downloads/attachments in these types of emails.

Also, if you think you have been hacked, check that no auto forward has been set up in your email account by the hacker.

It is possible other sessions of an email can remain logged in, I recently had a message on logout to close all browsers which was unusual after finding messages in my trash sent from myself which I had not sent.

Virgin have removed the facility to close all sessions which may be less secure.

Password changes can be tricky, I have been locked out a few times myself. there is time delay changing passwords that can be approx 10 minutes 

I suggest you do some antivirus scans also.

I no longer use my virgin ISP email and use "more secure" free email providers that have 2 factor authentication such as Outlook.com, Gmail.com, Yahoo.com.

Graham_A
Very Insightful Person
Very Insightful Person
In response to ALF28

on ‎15-11-2022 11:47

@ALF28  The particular issue under investigation in this thread is not a case of the TO address in an email being spoofed.  It relates to password reset notifications bearing the name Roger or Philip rather than the actual contact name.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Please read the FAQs
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

ALF28
Super solver
In response to Graham_A

‎15-11-2022 11:48 - edited ‎15-11-2022 12:44

amazing?

So, are these password changed emails from virgin or is it a scam. I have not had one myself, does it only affect secondary emails?

see

'Your Password Has Been Changed' Email Scam Uses Improbable Lure (cyclonis.com)

Perhaps, following investigation by virgin these emails should be blocked or tagged as spam, unless it is an administration error?

 

0 Kudos

Pumba
On our wavelength
In response to Arbu

on ‎15-11-2022 12:38

see other posts, there are lots of people having problems at the minute 

Top