Skip Navigation

More security woes for BT as ICO to investigate email issues
Friday 14 March 2014 11:12:34 by Andrew Ferguson

The Register is claiming an exclusive on the news that the UK data regulator (ICO) is to investigate BT over claims that email accounts were having their security compromised.

The size of Yahoo! and popularity of its webmail platform has always made it a prime target for spammers and those attempting to crack the system and we reported on the problems a year ago and based on the people who come to us for help there are still on-going issues and even when Yahoo! warns people to change passwords there is the worry whether that warning is real or not.

The latest problems arise from a Critical Path (now called Openwave) whistle blower who disclosed in documents that The Register has seen that Critical Path may have exposed user credentials en masse, and that logging of the network may have also stored the credentials. It is not clear if any of these lapses have given spammers another batch of details or not, or whether this is theoretical and only a problem if an employer decided to lift the data and sell it to the highest bidder on the black market.

The security landscape is changing and with increasing broadband speeds and more powerful routers in the home, even these are being attacked, usually with DNS redirects being used. The advice to use different passwords for every login you have is becoming ever more important, as is changing the default admin credentials on any broadband router you have.


Posted by infinidim over 3 years ago
This issue about the BT mail being compromised has happened to me three times over the last two weeks. I have made an official complaint to BT about this as well but they seem not to be doing anything to sort out the security breach issues.
Posted by Michael_Chare over 3 years ago
I kept my btinternet account from the days of dial up, though as my broadband ISPs have had their own email systems I have not made much use of the BT account. Now with the move from Yahoo BT would like to charge me £1.60 pm. This security lapse is another reason for leaving them.
Posted by leexgx over 3 years ago
the issue is yahoo not BT (well its BT fault for using yahoo mail) and from what i have seen it does not seem that passwords are not been compromised the accounts are just simply been accessed like there is no password on the account

they seem to just bypass that completely and just "access" the account so they can send spam in one go

i thought BT was moving back to a real ISP mail again from yahoo mail due to the backdoor that yahoo currently has

changing the password does not matter as do not think they have it to begin with
Posted by PJHB over 3 years ago
BT's new customers must accept a Yahoo account in order to receive communications from BT. No other ISP I have used require this. So why does BT?

I then started getting group emails from an unknown organisation, using my address but referring to me as a different person. Yahoo seemed to be issuing the same email address to more than one account holder.

I could find no sure means of contacting Yahoo or BT to advise of this and get it sorted out.

With or without any proven Yahoo security breach, your identity isn't safe with this BT system.
You must be logged in to post comments. Click here to login.