We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

Do not login to A&L this morning - HACKED

mattcodes
mattcodes Posts: 19 Forumite
edited 19 April 2011 at 8:01AM in Budgeting & bank accounts
Alliance and Leicester online banking has been compromised.

The login bank references malicious code to capture your details.

If you goto Google news and type santander you'll find a link to financial blog finextra that has more details.

This is not a phishing attack. A&L servers have actually been compromised. I've alert the PR department but it could take a few hours.
«134567

Comments

  • Biggles
    Biggles Posts: 8,209 Forumite
    1,000 Posts Combo Breaker
    :spam:????
  • mattcodes
    mattcodes Posts: 19 Forumite
    Eh? Not spam. Just doing my bit, its a warning to any A&L customers this morning as the hack is still ACTIVE.

    I found it hard to believe myself, i spotted it yesterday but thought it was just my machine, now its been verified by the techies.

    Their website is currently compromised. Ignore at your discretion. I posted the link to Stackoverflow if the techies if they dont believe it, thats all.
  • poppie123
    poppie123 Posts: 957 Forumite
    Part of the Furniture Combo Breaker
    I logged on this morning before reading this. What should i do?:(
  • mattcodes
    mattcodes Posts: 19 Forumite
    edited 19 April 2011 at 7:57AM
    Just hold fire. They will have to disclose this now. If you incur any loses Santander is responsible. Unlike a phishing attack / email-scam, in this instance the fault lies solely with Santander as their OWN infrastructure has been compromised. I'll update the thread once I see the vulnerability has been removed.

    Do not login again to change password as we dont know the scope of vunerability, they manage to get write access to Santander webserver so the whole chain could be vunerable. If you must check balance or do transfer, call them or go the branch
  • poppie123
    poppie123 Posts: 957 Forumite
    Part of the Furniture Combo Breaker
    molerat wrote: »
    Thankyou for registering with this forum today just to warn us about this !! :spam:

    So is this a load of nonsense? and i dont have to worry?
  • mattcodes
    mattcodes Posts: 19 Forumite
    edited 19 April 2011 at 8:03AM
    Eh? Well okay im full of sh*t. just keep a idea on google news later today if you dont believe me. What exactly am I spamming?

    Can someone techie go view the source of A&L login page and read from line 5 and you'll see the hack and come back and post and put these muppet that keep calling spam to rest

    Molerat: Go to Google news and type santander you see first report by finextra.com

    Im just giving people a heads up that's all... I wont bother next time..
  • poppie123
    poppie123 Posts: 957 Forumite
    Part of the Furniture Combo Breaker
    Terrific! as if i don't worry enough now i don't know what to believe.

    Should i contact A+L and do something?
  • mattcodes
    mattcodes Posts: 19 Forumite
    If you're using a modern browser they're probably only limited damage. But the fact they were able to compromise A&L/Santander infrastructure directly is very concerning, at this stage we dont know what else they cracked. They'll take offline shortly I hope for everyone's sake. Ive emailed A&L etc.. but no response. Perhaps Martin has a contact he can notify. ?
  • Sazzarella
    Sazzarella Posts: 403 Forumite
    Part of the Furniture Combo Breaker
    Articles regarding the possible hack.

    Finxtra

    Stackoverflow
    Married 30/08/14 :heartpuls
  • poppie123
    poppie123 Posts: 957 Forumite
    Part of the Furniture Combo Breaker
    mattcodes wrote: »
    If you're using a modern browser they're probably only limited damage. But the fact they were able to compromise A&L/Santander infrastructure directly is very concerning, at this stage we dont know what else they cracked. They'll take offline shortly I hope for everyone's sake. Ive emailed A&L etc.. but no response. Perhaps Martin has a contact he can notify. ?

    I used AOL to log on, i didn't get any warnings or anything though. It looked exactly like it always does.

    So i shouldn't do anything?? just wait and see is that what you suggest?
    or should i ring A+L tell that that my log in details could have been compromised and get them changed?
    Would that mean i was safe?
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 347.7K Banking & Borrowing
  • 251.8K Reduce Debt & Boost Income
  • 452.1K Spending & Discounts
  • 240K Work, Benefits & Business
  • 616.1K Mortgages, Homes & Bills
  • 175.3K Life & Family
  • 253.3K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.