Menu
Reply
Highlighted
  • 8
  • 1
  • 5
Tuning in
725 Views
Message 91 of 165
Flag for a moderator

Re: Odd email from purporting to be from Virgin - Saying my info has been hacked on their server

I won’t waste my breath repeating it directly, enough others have repeatedly said all I would have said, but I offer some points that relate to this, and some comments said by some to further the point(s):-

Did they wheel clamp Usain Bolt?
It doesn’t ring true as the speeds we are told about with this so seriously slow.

The email I got had only my 1st name, yet sites like eBay and PayPal repeatedly state they use both first, and last names, as an indicator to it being recognised as being from them, I don’t know why that isn’t done here, I’m not saying it makes something safe as such, just one little detail that used with other details can aid spotting fake emails.

The ‘password’ is as useful as spreading butter outside when it’s 100 degrees, personally I always use 31 character passwords where allowed, with every possible option allowed, but when sites like this strangle the options, and limit the count to the digits on both hands, it’s just P’ing in the wind, some will ask why do I use such passwords, simple, because I can, that and the fact it would take x trillion years to crack, I use LastPass to create and store them, I wouldn’t have a hope in hell of remembering 1 sites password, let alone the 400 (near enough, past\present) I use, that creates passwords to whatever setting I want, and I only need to remember 1 password, and that’s the one for that tool.

If it’s taken nearly a year to be told of this breach, how do we know that Virgin aren’t doing what big company’s do, namely damage limitation by only telling us bit’s of info, as opposed to the full story, as is being suggested by TurgenSec?

Incompetent staff; At least that’s what is coming across, blaming a member of staff messing up, that may well be true, but then it’s nothing many didn’t know anyway, don’t get me wrong, when you get someone who knows their job it’s brilliant service, but end up with someone who doesn’t, then you know why many feel like this.

We are very sorry to have to inform you...” Fine, but what will you do about it?

but we currently understand that the database was accessible from at least 19 April 2019” Further details will be forthcoming as and when I trust?

The database was used to manage information about our existing and potential customers in relation to some of our marketing activities. This included: contact details (such as name, home and email address and phone numbers)” Maybe this is why we get phone calls from the other side of the world, trying to sell us, or upgrade us to another service for being such a good customer?

In a very small number of cases, it included date of birth” Why is this a small number?
Do you pick and choose what info goes where?
And ‘IF’ there are ‘some’ cases, surely that would mean everyone’s DOB was on there as well?

I for one want to know the FULL, extent as to what was breached, so I can be on alert of what may be relevant to me, as per another user who has already had stuff coming through, all related to id theft, and some are questioning why people want compensation!

While not everyone has faced any fallout from this (so far at least), some have, and just because you haven’t lost any money personally, that doesn’t mean they haven’t suffered directly due to this.

We take our responsibility to protect your personal information seriously” And yet you have failed!

We know what happened” That’s not the full picture of what is showing here, have they been Arrested\Sacked etc?

why it happened” And..., I’m waiting

we immediately shut down access to the database and launched a full independent forensic investigation. We have also informed the Information Commissioner’s Office” Really? 🤯
I imagine that’s all laid out in law, and that you have to do it, I trust the report will be made public to the world?

Here are my tip’s gained from following security closely when it relates to me, that I’ve seen and adopted over the years, so I don’t claim to fully understand such points, but where I saw such tips, they were very well versed in protection and best practices, and some are those that help people to get rid of infections, so here they are:-

Passwords; Never start a password with a number or a character, nor repeat the same character twice in a row.

Then the greatest tip that’s always repeated (because people just don’t do it), and that’s NEVER, use the same password twice, it’s the one most common mistake people make, and saying you’d never remember that many passwords is irrelevant, there is no excuse at all for it, as there are password managers out there, and free, and that is the only password you need to remember, and that’s the one for the account with them, so make sure you increase the complexity of that 1 password, make sure you mix upper\lower case, numbers and characters in it as well.

The 2 biggest ones that I always see are LastPass and Dashlane, I use the former, as I find the latter very complex to use with the amount of stuff I use, but never use Google, nor any other browser to remember such details, they are just not secure, if you have\are used\using a browser, I strongly suggest deleting and blocking any further use by going into the settings, and turn off all the Auto-fill options, and if you can tie your mobile to the password manager (LastPass has this, I don’t know about Dashlane though) then do it, it’s the only chance of getting back into the account if you get locked out.

Also never use family\dates\pets or any of multiple such obvious ones, as anyone who knows you will easily guess them, should they have a mind to stuff you up, or even just to hack you off, so give it some thought.

Emails; I use multiple email accounts, over a dozen, but they are a great tool in protecting your details, the greater the risk, or the lesser of it’s importance, the more disposable it is, obviously the average person shouldn’t need anywhere near as many as I have, I only have that many due to helping on forums, most probably only need around 3 or so, graded from one for family and\or friends, another for bills and so on.

I was going to list more tips, but to be honest I’m in too much pain to keep my thought process going, so I will leave it with a final thought;

The spelling of the Name that was pointed out, did they miss the C from the first name? 🙈🙉🙊
It would explain a lot if they did. 🤣

Highlighted
  • 32
  • 0
  • 11
On our wavelength
685 Views
Message 92 of 165
Flag for a moderator

Re: Odd email from purporting to be from Virgin - Saying my info has been hacked on their server

Can it be explained why some people received this notification on an email that isn't their Virgin Media email?

In my case, it's the email I use for this forum - although searching my email history suggests I also used it as a contact address one time for a hub upgrade.

* Does the leak include information related to community.virginmedia.com accounts?

* And does that mean that in those cases, the leak could only include data related to these accounts? I mean, I haven't filled in any personal information in my profile for this website, but it's unclear from the email what personal data Virgin Media have associated with that email account, that might have been leaked.

If this isn't the case, then it's unclear why it was sent to this alternative address - even if I did once use it for a hub upgrade, Virgin Media still continue to send me emails at my Virgin Media email address, so why wasn't that used for this data breach?

Well, I guess we can all do some GDPR requests...

0 Kudos
Reply
Highlighted
  • 317
  • 4
  • 18
Superfast
594 Views
Message 93 of 165
Flag for a moderator

Re: Odd email from purporting to be from Virgin - Saying my info has been hacked on their server


@mdwh wrote:

Can it be explained why some people received this notification on an email that isn't their Virgin Media email?


I used my personal email address (which is not a Virgn Media email address) on 2 times, one for the Christmas competition in December 2019 and when they was giving away a PSN or Xbox code for a free skin, for one of the Destiny games at the time.

The email that was sent to the none VM email was sent with Hello but no name in the message.

So maybe something like that, they got your other email address.


@mdwh wrote:

* Does the leak include information related to community.virginmedia.com accounts?


I don't think it the community.virginmedia.com had any leaks as it run by a 3rd party (Khoros) and not Virgin Media from my understanding and I never got an email to the email address I use here.

Hope that helps as VM are being tight lipped about this.

_____________________
Regards
Gaz
0 Kudos
Reply
Highlighted
  • 407
  • 13
  • 41
Fibre optic
586 Views
Message 94 of 165
Flag for a moderator

Re: Data-incident 19th April 2019

A couple of days ago I received the email regarding the data breach which was discovered last April.

Last night I received the standard personalized email requesting my feed back which began

"Thanks for using one of our self-help services. At Virgin Media, we want to give you great customer service so we'd really like to find out how things went for you whether this was using our website, our automated telephone system or the Virgin Media Community page so we can make improvements wherever we can."

I am fairly certain that I have not used one of your self-help services, so could this mean that someone else has ! This is very concerning.

0 Kudos
Reply
Highlighted
  • 317
  • 4
  • 18
Superfast
574 Views
Message 95 of 165
Flag for a moderator

Re: Data-incident 19th April 2019


@Enduser wrote:

A couple of days ago I received the email regarding the data breach which was discovered last April.

Last night I received the standard personalized email requesting my feed back which began

"Thanks for using one of our self-help services. At Virgin Media, we want to give you great customer service so we'd really like to find out how things went for you whether this was using our website, our automated telephone system or the Virgin Media Community page so we can make improvements wherever we can."

I am fairly certain that I have not used one of your self-help services, so could this mean that someone else has ! This is very concerning.


We got one too, but I did login to the main account via VM site, I just binned it as they would not want my opinion at the moment.

You may want to login and change your password just incase, even thought VM said no password was leaked. Better to be safe then sorry.

_____________________
Regards
Gaz
0 Kudos
Reply
Highlighted
  • 556
  • 38
  • 50
Forum Team
Forum Team
573 Views
Message 96 of 165
Flag for a moderator

Re: Data-incident 19th April 2019

Hi Enduser,

 

Thanks for posting in our community. We really appreciate you bringing this to our attention, we do not feel like this would be a suspicions phishing email however we would like to make sure for you.

 

Are you able to send us an email and attach the email you have received please? you send it to 

 

twitter@virginmedia.co.uk for the attention of Jodi.

 

Kind regards Jodi.

0 Kudos
Reply
Highlighted
  • 27
  • 0
  • 22
On our wavelength
540 Views
Message 97 of 165
Flag for a moderator

Re: Data-incident 19th April 2019

Hi Jodi
I got the same email, would you like me to send it to the above address or do you have enough information now?

Daz
0 Kudos
Reply
Highlighted
  • 4.25K
  • 279
  • 1.39K
Community elder
534 Views
Message 98 of 165
Flag for a moderator

Re: Data-incident 19th April 2019


@Jodi_S wrote:

Hi Enduser,

 

Thanks for posting in our community. We really appreciate you bringing this to our attention, we do not feel like this would be a suspicions phishing email however we would like to make sure for you.

 

Are you able to send us an email and attach the email you have received please? you send it to 

 

twitter@virginmedia.co.uk for the attention of Jodi.

 

Kind regards Jodi.


Will attaching the suspicious email to another email to send to you not compromise the header information in the suspicious email?

(EDIT: Forget that, I was thinking about forwarding, not attaching. Sorry.)




It's What I Do.
I Drink and I
Remember Things.
0 Kudos
Reply
Highlighted
  • 556
  • 38
  • 50
Forum Team
Forum Team
527 Views
Message 99 of 165
Flag for a moderator

Re: Data-incident 19th April 2019

Thanks for coming back to us Enduser,

 

We understand your concerns over this matter. If you would prefer you can send it directly to our Phishing email address at Phishing@Virginmedia.com.

 

Kind regards Jodi 

0 Kudos
Reply
Highlighted
  • 317
  • 4
  • 18
Superfast
469 Views
Message 100 of 165
Flag for a moderator

Re: Data-incident 19th April 2019

Here are the header from the email, I have remove the bit before the @ntlworld.com and change it to EMAIL also removed the unsubscribe link

Return-Path: <void-bounce-EMAIL=ntlworld.com@express.medallia.eu>
Delivered-To: EMAIL@ntlworld.com
Received: from md7.tb.ukmail.iss.local ([212.54.57.71])
by mc56.tb.ukmail.iss.local with LMTP id IIufCsPDYl65DwAAmVyaIQ
for <EMAIL@ntlworld.com>; Fri, 06 Mar 2020 22:42:27 +0100
Received: from smtpclienthelo ([212.54.57.71])
by md7.tb.ukmail.iss.local with LMTP
id 0EB2CsPDYl4XBAAAKMCudg
(envelope-from <void-bounce-EMAIL=ntlworld.com@express.medallia.eu>)
for <EMAIL@ntlworld.com>; Fri, 06 Mar 2020 22:42:27 +0100
Authentication-Results: ukmail.iss.as9143.net;
spf=pass (199.102.176.222;express.medallia.eu);
dkim=pass header.d=survey.virginmedia.co.uk;
dmarc=pass header.from=survey.virginmedia.co.uk (p=quarantine sp=quarantine dis=pass);
X-Env-Mailfrom: void-bounce-EMAIL=ntlworld.com@express.medallia.eu
X-Env-Rcptto: EMAIL@ntlworld.com
X-SourceIP: 199.102.176.222
X-CNFS-Analysis: v=2.3 cv=RMIo47q+ c=1 sm=1 tr=0 b=1 cx=a_idp_d
a=D3X/3KCjzbMMPxKaT7M4Wg==:117 a=D3X/3KCjzbMMPxKaT7M4Wg==:17
a=1oJP67jkp3AA:10 a=oHHRNoSmSjYA:10 a=SS2py6AdgQ4A:10 a=ZZnuYtJkoWoA:10
a=zYnf-7WhAAAA:8 a=NcN59idvAAAA:8 a=9x0yxzTPAAAA:8 a=5rvu8Qqo-cEApxcUWecA:9
a=B38PSMZ1wNyk7k-x:21 a=iY3vIRb977ppmv1N:21 a=QEXdDO2ut3YA:10
a=Iy-9C32_d_AA:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10 a=SSmOFEACAAAA:8
a=soJQb77393VCAH05eJQA:9 a=Xi-acx1KHGdx7-y0:21 a=PMbX4FwcMLLS7T3s:21
a=ZifB-gt3l5GUXg72:21 a=frz4AuCg-hUA:10 a=MsoVfWoqLnsA:10
a=P8V8LcZ_WmZkhtgTkOmy:22 a=LA429XfJCMn8HVAVu8zG:22 awl=host:17332
Received: from lon222.mx.medallia.com ([199.102.176.222])
by mx4.tb.ukmail.iss.as9143.net with ESMTP
id AKetjpHOL6YknAKetj1r2k; Fri, 06 Mar 2020 22:37:27 +0100
Received: from mx-eu.medallia.com (localhost [127.0.0.1])
by mx-eu.medallia.com (SMTP) with ESMTP id 732DF42769A
for <EMAIL@ntlworld.com>; Fri, 6 Mar 2020 21:37:27 +0000 (UTC)
Received: from express.medallia.eu (unknown [10.80.120.51])
by mx-eu.medallia.com (SMTP) with ESMTP id 3FB9042763C
for <EMAIL@ntlworld.com>; Fri, 6 Mar 2020 21:37:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=survey.virginmedia.co.uk; s=default; t=1583530647;
bh=5scdXPAMTldSFDT037T2hqwcMT889n3G8oGqg25WTPw=; h=From:Subject;
b=sPw6CBh1kVBOUBlNa7BC11KOIz9axS6dzKKlDCwjVSRwBRS9a/H8W738Ey7ZuujB6
047+as0dHxZM3ZgQ75NkVV0AJg/W/fRtdRT4sM59i9X0skc8Vi7V7gm3I0sICbS1qk
ajk7pGiYdg+GEvqr742grgc5XrX/jzAZbkG5r53M=
Date: Fri, 6 Mar 2020 13:37:26 -0800 (PST)
From: Virgin Media & Medallia <YourOpinion@survey.virginmedia.co.uk>
To: EMAIL@ntlworld.com
Message-ID: <k7gp9f2n.1rm7s5fwjvfe6@express.medallia.eu>
Subject: The Virgin Media team would like to hear your feedback
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_97159_742967922.1583530646639"
List-Unsubscribe: <REMOVED>, <REMOVED>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
X-Medallia-Company-Name: VirginMedia
X-Medallia-Company-URL-Name: virginmedia
X-Mail-Sequence: 1459538
X-Virus-Scanned: ClamAV
X-CMAE-Envelope: MS4wfMd9Gsec3JUcQty+LcuatVSGu5YUzgJXrvR8cSHMlfTd/6HcKzQ4bD5drFNQrHs0tRt3jpQ6uglANZiu3CNub4s4Pmo8+1kNnJ22kpXbd+BqjVLZPRyt
6Kix7kVzeknMbl/Xv3SmkilZ3Sjr6Jk/PcD5+UexOuWkLcwet88qakOa1SI7/0HFdZsmnF4+zjg5T87DtdoNOb5VP32GBrdfB1cRZ1GoQCDzniUT7NXQ38er
ze/azEVhNQgUsta7iamWvw==

 

_____________________
Regards
Gaz
0 Kudos
Reply