We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Email from the AA - 'Password changed correctly' - AA hacked?

Options
Doc_N
Doc_N Posts: 8,541 Forumite
Part of the Furniture 1,000 Posts Name Dropper Photogenic
edited 26 June 2017 at 1:52PM in Motoring
MoneySavingExpert.com Insert:

Huge thanks for posting Doc N. We investigated the AA situation as you all aired concerns and have published this news story:

AA accidentally sends 'password updated' email causing confusion for customers.

Back to Doc N's thread...

---

I'm guessing a fair number of us will have received this email earlier this evening:

Hi,

You’ve successfully changed your password.

If you didn't make this change, please call us on 0330 102 8005.

Thanks,

The AA Team

email@info.theaa.com


The email address is a genuine AA address (or appears to be) and the number's certainly a genuine AA number.

The AA are currently saying it's a fake email, but it's more likely that either they've been hacked or that the emails are the result of a mistake.

Either way, this might reassure people that they're not alone in having received this.


http://who-called.co.uk/Number/03301028005
«1345

Comments

  • (or at least appears to be)

    Details from the header of the email:

    spf=fail (email@info.theaa.com does not designate 62.209.51.180 as permitted sender)
    dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=info.theaa.com
    Looks like the emails originated from a server in Germany.

    I'd avoid using the password reset/login form on the AA website until they formally announce something - if they've been hacked trying to log in could expose your password to a third party.
  • inkwat
    inkwat Posts: 31 Forumite
    Just received this e-mail so you're not the only one, slightly concerned as I can't seem to login to my AA account either so may have accidentally exposed my password.
  • You'll probably be fine. It could also be that the AA's IT dept are doing a system update and its an unintended side affect of that. If they announce in the morning that it was that then you'll be good to carry on as normal. If they say they've had a more serious issue then you'll want to change passwords anywhere else that you've used the same one. I'd be tempted to suggest doing that if they delay any announcement. Fingers crossed its just a gremlin in the IT update which they will likely apologise for in the morning.
  • I managed to log on ok but can't access some site areas. I hope filmderams is correct in suggesting that its a maintenance issue. Is credit card information kept on this site?
  • Silver_Shark
    Silver_Shark Posts: 162 Forumite
    Eighth Anniversary 100 Posts Name Dropper
    I did a Google search for AA breakdown cover and it says
    "You visited this page on 25/06/17" except I didn't as I only read the email this morning (26th). I haven't been able to log in, I'm now worried I've exposed my password.
  • AdrianC
    AdrianC Posts: 42,189 Forumite
    Eighth Anniversary 10,000 Posts Name Dropper
    filmderams wrote: »
    Details from the header of the email:

    spf=fail (email@info.theaa.com does not designate 62.209.51.180 as permitted sender)
    dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=info.theaa.com
    Looks like the emails originated from a server in Germany.

    The AA have their mail servers listed in the SPF - Sender Policy Framework. This server isn't one of them. It's easy to get a mail server to lie about who it is.

    I bet any links in the email aren't really to theaa.com
  • Anybody heard anything from AA? I fear I may have also fallen for the login trap :S
  • I sincerely doubt that an email from the AA would start with the word 'Hi'.

    I would also expect them to use the member's name.
  • I too had the same email and thankfully I was at work so was going to wait until I got home to change it but will now hold off, thanks folks
  • heather_p03
    heather_p03 Posts: 122 Forumite
    I have also just received this email - 26/06/2017 at 08:29

    No-one I know has logged in to my account - the app works but my details aren't recognised on the website!

    Will wait to see what happens.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.8K Banking & Borrowing
  • 253K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.8K Work, Benefits & Business
  • 598.6K Mortgages, Homes & Bills
  • 176.8K Life & Family
  • 257.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.