Broadband News

Fasthosts tells customers to reset password after hacking fear

Internet Service Provider Fasthosts has sent customers an e-mail asking them to reset their passwords following an investigation into a major security breach affecting their customer database.

"We are writing to inform you that we have recently discovered evidence of a network intrusion involving a Fasthosts server. We have reason to believe that the intruder has gained access to our internal systems, and that this may have in turn given them access to your username and some service passwords."

Fasthosts e-mail to customers

The firm is asking customers to reset all password to their control panel and hosting services. They have not specifically mentioned broadband services in the e-mail we've seen, but users would certainly be advised to change any passwords in any case.

More information is available at TheRegister.


This also applies to UKReg customers (I got my email via them) and any customers of the large number of resellers of both brands..

Would it not have been better to actually reset the passwords themselves, then let customers use the standard 'forgot password' options to get the new one?

  • irrelevant
  • over 13 years ago

I am wondering why a experienced and large isp is storing passwords in plain text.

  • chrysalis
  • over 13 years ago

Chrysalis - there are reasons to use plain text including where integration between multiple systems causes issues because they need replicating between systems where a single authentication system is not possible. Some legacy setups might be a reason.

  • seb
  • thinkbroadband staff
  • over 13 years ago

"where a single authentication system is not possible."

There are lots of things which are *possible* in software which often don't get done because companies/organisations often aren't motivated to implement them. Decent cross-platform authentication might be one of them.

  • c_j_
  • over 13 years ago

i didnt know operating systems and programming languages can no longer use simple basic encryption like md5

absolutely dispicible that such a large isp is storing passwords in plain text now think of the amount of people that use the same password for everything and what doors the stolen data could open

  • AdamGz0r
  • over 13 years ago

What a load of rubbish.


  • pete01
  • over 13 years ago

Post a comment

Login Register