Experian email and password alert

Gorf123

Hi, all.

I just got an alert from Experian that my email address, and the password I use to access it, is being sold on the open market. I've changed the password just to be safe, and checked which online accounts use that address - none that can be used to rip me off, as it happens.

My question is: How do they know that it's my email password? If they hacked into (say) my Apple account and picked up the password for that account, then they have a password associated with my email address, just not the password required for direct access.

Are they just saying that there is my email address and a password being sold, or is there any further evidence to suggest it's really the email server password?

Thanks for reading...

fevlo

Im not sure if im reading this right.
Are you saying that you have had an email from Experian saying that your email address and the password to access your email have been compromised or that the password you use to access experian has been compromised ?

Sounds as if you have picked up a spam email to me.

fermi

Looks like Experian will reply themselves, but have had this pointed out.

http://help.creditexpert.co.uk/help/sv635/Identity_fraud/whats_web_monitoring

What's Web Monitoring?

Our Web Monitoring service is included in your CreditExpert membership.

It uses cutting edge web technology to scan the internet for your personal details (e.g. email address, passport details), searching areas including social media, government registers and illegal black-market sites.

If we find your details we will immediately send you an alert by text message or email, telling you what we’ve found and where. From here, you can review the alerts, get tips on what actions to take and check what details we are monitoring. The more details you give us, the more comprehensive our search will be, and the safer you will be from identity theft and fraud.

At Experian, the most important thing to us is the safety and security of your data and personal information. We take the security of your personal information very seriously. That is why we have partnered with VeriSign Inc. and have been through the rigorous security screening process of the International Computer Security Association (ICSA). We hold your details on our highly secure systems and do not pass them on to anybody else.

There are lists online on the black market of email addresses and passwords being sold. Some from leaks or hacks of providers, or other sources. So obviously yours has shown up on a list.

Can't imagine Experian would verify the password themselves, but the existence of your email and a purported password on such a list would be enough to raise the alert I would think.

Experian_company_representative

Hi Gorf123

Gorf123 wrote: »

Hi, all.

I just got an alert from Experian that my email address, and the password I use to access it, is being sold on the open market. I've changed the password just to be safe, and checked which online accounts use that address - none that can be used to rip me off, as it happens.

My question is: How do they know that it's my email password? If they hacked into (say) my Apple account and picked up the password for that account, then they have a password associated with my email address, just not the password required for direct access.

Are they just saying that there is my email address and a password being sold, or is there any further evidence to suggest it's really the email server password?

Thanks for reading...

I really want to help you with this one to establish why you've received this alert, if you haven't already done so you can click on the more details section of the alert which will explain what to do next once you've received one.

Thank you Fermi for your information, I was just about to response so you beat me to it.

So that I can investigate this further for you, could you please email me with your details (name/dob/address), I would be able to check the notes on your membership to establish the reason why this alert had been sent and how it relates to your email address/password.

Regards
James Jarvis

Gorf123

fermi wrote: »

There are lists online on the black market of email addresses and passwords being sold. Some from leaks or hacks of providers, or other sources. So obviously yours has shown up on a list.

Can't imagine Experian would verify the password themselves, but the existence of your email and a purported password on such a list would be enough to raise the alert I would think.

Cheers for that Fermi, and James for your post

I just wanted to know the extent of Experian's knowledge of this breach. Is it

1. the email I used for Experian signup is available for purchase and that it has a password?
2. the email I used for Experian signup is available for purchase and it has the password for the mail server.

If it's the former, for example if my hacked Adobe account and password are being sold, it's no big deal. The worst I can expect from this is a bit more spam.

If, as the wording of the alert suggests, it's the actual email server whose password has been compromised, it's far more worrying because that points to a failure by either my ISP or me.

If Experian's alert had given more information such as "The email address that you signed up with name@domain.com is being sold on the open market using the password passw***" it would be much more help because I can compare my password list to the partial password Experian supplies and say "Right - this breach happened because..."

Experian_company_representative

Hi Gorf123,

Just to clarify, the information that is monitored is set up when you open your CreditExpert membership.

You can choose what information that you would like monitored and add extra information such as bank account information, email address and passport number. This can all be done through the Web monitoring tab when you are logged in to CreditExpert.

We don't ask for any of your passwords though, and don't monitor for the passwords themselves. For security reasons we won't confirm any if your email is found on the web.

When you have the alert that your email has been found we will normally advise that you change your password, as you have done in this case.

If you do have any other concerns about your alert please give us a call on 0800 0138888 so we can help with this.

Kind Regards
Neil

Gorf123

fevlo wrote: »

Im not sure if im reading this right.
Are you saying that you have had an email from Experian saying that your email address and the password to access your email have been compromised or that the password you use to access experian has been compromised ?

Sorry Fevlo - I don't know how I missed your earlier response.

Everyone's reading it wrong, so it must be my explanation that's rubbish.

Experian has sent an email (genuine) referring me to an alert on their site stating that my email address and mail server password have been compromised - specifically:

High Risk Alert
Your email address and password are being illegally published and sold online.
What have we found?
Your email address g[redacted]@d[redacted]s.co.uk and the password you use to access it
Why do I need to know?
They are being sold together online by illegal black market communities. This puts you at high risk of becoming a victim of fraud.

I want to know what evidence they have to support that it is my email server password that is being sold.

My adobe account was hacked, along with millions of others. This means that my email address is circulating with a password, but it's not a current password, nor was it ever my mail server password.

bebewoo

You have your own email server?

Gorf123

bebewoo wrote: »

You have your own email server?

I have my own domain and pay for hosting. The included email server is not physically located within my home, but it is my own.

...not that I understand how your question affects the rest of the thread.

Experian_company_representative

Gorf123 wrote: »

Sorry Fevlo - I don't know how I missed your earlier response.

Everyone's reading it wrong, so it must be my explanation that's rubbish.

Experian has sent an email (genuine) referring me to an alert on their site stating that my email address and mail server password have been compromised - specifically:
I want to know what evidence they have to support that it is my email server password that is being sold.

My adobe account was hacked, along with millions of others. This means that my email address is circulating with a password, but it's not a current password, nor was it ever my mail server password.

Hi Gorf123

Thank you for confirming those further details, I understand that you want to resolve this issue as quickly as possible, to enable us to help you with the alert you've received, please give our team a call on 0800 0138888, they'll be able to investigate in further detail surrounding this alert and it's contains.

You can find our further contact details here

Regards
James Jarvis

mark87652

Gorf123 wrote: »

Sorry Fevlo - I don't know how I missed your earlier response.

Everyone's reading it wrong, so it must be my explanation that's rubbish.

Experian has sent an email (genuine) referring me to an alert on their site stating that my email address and mail server password have been compromised - specifically:
I want to know what evidence they have to support that it is my email server password that is being sold.

My adobe account was hacked, along with millions of others. This means that my email address is circulating with a password, but it's not a current password, nor was it ever my mail server password.

I too have the Experian service and received the same alert today - and have the same question as you i.e. is it really my email password or just a password with my email address.

Did you ever find out what evidence they had?