We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
IMPORTANT! Have you received an email to your forum username?
Comments
-
chicken_or_egg wrote: »Well, there could be a range of possibilities, but just 3 of them might be
- maybe it relates to a user name which for whatever reason, maybe personal, they don't want to be seen posting on here any more
- it could be to a user name which was banned
- maybe they haven't logged in for so long that they can't remember the password, and they can't get a reminder email for the password because the email address was volatile, like hot mail - if you don't use it for months it gets canceled
Yes, that seems an illogical suggestion if they just received an email relating to an address used here, but maybe they changed the registered email address once or more
If anyone is in that category, changing their email, they may be able to offer a bit of help to MES in pinning down when the leak occurred - if that's not yet known behind the scenes
My email was to a user name I do not use , and to different email address to the one I registered this user name with if that makes sense?.0 -
There's no duty on MSE or anyone here to try to deal with that kind of ignorance. Nor should it be necessary for so many posters like Rossy to have to keep on stating the blindingly obvious:
1: A botched attempt to trap the unwitting has so far managed only to flush out a lot of people who don't like Martin Lewis, loathe this website, but are delighted to benefit from his work and that of this forum;
Well no, they've sent out several hundred thousand spams, you've got no clue whether or not any of them have paid off.
Chances are they have, the guys that have done this are not stupid (or if they are, they are unlikely to be the original source of the compromised data, in which case other crooks have also got the info).
And yes, it has been pointed out that MSE doesn't seem to be on top of the technical side of things before, that's quite right, see for instance https://forums.moneysavingexpert.com/discussion/1624247
Now here we have (more) proof of that in that the database has been massively compromised.
No, it's far worse than that. If the site's DOSed, I probably don't even notice, unless I'm on it, but if they get my details, then that's a bigger concern.2: The botched attempt was *not* a Denial of Service attack on MSE to bring the site down as happened some time ago (and can happen to any site, anywhere);
The first evidence appeared a few hours ago and now you're demanding proof of personal data being compromised too?3: The botched attempt has yet to yield any evidence here or anywhere else of an MSE user's bank account, personal data, or any other details falling into the hands of the scammers;
Plenty of MSE users WILL have been victims of id theft, fraud, etc., whether or not as a result of this site being compromised or something completely different is very hard to say, the crooks just want to hack their paypal (or whatever), they are not going to leave a 'PWNED through MSE' calling card.
Well yes, you're right, but that's a little rude, most people don't realise that if they make their password for their email 'ilikepeas' and then use the same password on a site like this, that that's a big risk.4: A lot of people are worried, and have good reason to be so, because if they hadn't realised until now that leaving the house with all windows and doors open and then walking out blind-folded into dense traffic is Not A Good Thing, then thank Gawd they do now.
Most webmasters don't pay any regard to data protection at all.As for lecturings about data protection legislation, and the penalties for breaching same, no webmaster needs a lesson in that from posters who give every appearance of not having the slightest clue what they're on about.
Again, this subject has been raised before too:
https://forums.moneysavingexpert.com/discussion/comment/30221539#Comment_30221539
Well you've certainly passed judgement....As ever, the most sensible posts from folks here have been from those who decline to rush to judgment and prefer instead to let MSE get on with sorting out the how-what-when-who-where of the current situation.0 -
What I cant understand is why have some people including me not yet received the email?
have they gone after people with personalised emails?0 -
What I cant understand is why have some people including me not yet received the email?
have they gone after people with personalised emails?
these emails are not all sent at once, they are sent using many many compromised servers in multiple countries over many hours. Because it's distributed, it doesn't mean that all the bot nodes will work properly.
Or it could simply have been spam filtered.0 -
alwaysonthego wrote: »Mine arrived in my spam box.
I am wondering why everyone is worried about them getting our email adds?
Because once they have your email address (and know that it's a 'live' address, which the address registered against a forum account is very likely to be) it'll get passed around spammers and more and more spam will be sent to it, I'm afraid.
You may have been lucky today and the spam was filtered into your spam folder, but that might not always be the case: there's literally a constant battle between spammers trying to find ways of writing emails that get around spam filters, and the spam filter developers trying to find way to detect and filter new spams. You wouldn't want it to get to the stage where you're having to constantly manually weed out 'clever' spams from amongst your real email.0 -
i got one today as well0
-
The_Gerbil wrote: »Just joined the list of people who have been sent it.
My first thought would be a vBulletin 3.8.4 hack. Has that been ruled out. I'm afraid I haven't read all the posts in the thread.
It's very likely to be vBulletin, either the current version or previously. Everything apart from the website should not be remotely accessible.
And of course PHP web forums have had vast numbers of exploits in the past, vBulletin included.0 -
I also received on, but had a feeling it wasn't right as it just didn't ring true.
I have a domain address, and after reading a few, not anywhere near all, of the posts, do I get the gist that it would be better if I changed it?
Thanks, and commiserations, Martin and all the team.
SueSealed Pot Challenge 001 My Totals = 08 = £163.95 09 = £315.78 10 = £518.80 11 = £481.87 12 = £694.53 13 = £1200.20! 14 = £881 15 = £839.21 16 = £870.48 17 = £871.52 18 = £800.00 19 = £851.022021=£820.26[/SizeGrand Totals of all members (2008 uncounted) 2009 = £32.154.32! 2010 = £37.581.47! 2011 = £42.474.34! 2012 = £49.759.46! 2013 = £50.642.78! 2014 = £61.367.88!! 2015 = £52.852.06! 2016 = £52, 002.40!! 2017 = £50,456.23!! 2018 = £47, 815.88! 2019 = £38.538.37!!!! :j0 -
Hello, I have had this too and have forwarded it on to the MSE email.
xxx0 -
I, too, received this email today, but it was addressed to a very old username on this site (last used circa 2005). Wirenth did not receive the spam. Very weird.Good, clean fun....MFW #11 2015 £7657 / £8880
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.3K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.7K Spending & Discounts
- 244.2K Work, Benefits & Business
- 599.4K Mortgages, Homes & Bills
- 177.1K Life & Family
- 257.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards