IMPORTANT REMINDER: Please make sure your posts do not contain any personally identifiable information. If you are uploading images, please take extra care that you have redacted all personal information.

Email from the AA - 'Password changed correctly' - AA hacked?

edited 26 June 2017 at 1:52PM in Motoring
44 replies 12.4K views
Doc_NDoc_N Forumite
7.9K Posts
Part of the Furniture 1,000 Posts Name Dropper Photogenic
✭✭✭✭
edited 26 June 2017 at 1:52PM in Motoring
MoneySavingExpert.com Insert:

Huge thanks for posting Doc N. We investigated the AA situation as you all aired concerns and have published this news story:

AA accidentally sends 'password updated' email causing confusion for customers.

Back to Doc N's thread...

---

I'm guessing a fair number of us will have received this email earlier this evening:

Hi,

You’ve successfully changed your password.

If you didn't make this change, please call us on 0330 102 8005.

Thanks,

The AA Team

[email protected]


The email address is a genuine AA address (or appears to be) and the number's certainly a genuine AA number.

The AA are currently saying it's a fake email, but it's more likely that either they've been hacked or that the emails are the result of a mistake.

Either way, this might reassure people that they're not alone in having received this.


http://who-called.co.uk/Number/03301028005
«1345

Replies

  • (or at least appears to be)

    Details from the header of the email:

    spf=fail ([email protected] does not designate 62.209.51.180 as permitted sender)
    dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=info.theaa.com
    Looks like the emails originated from a server in Germany.

    I'd avoid using the password reset/login form on the AA website until they formally announce something - if they've been hacked trying to log in could expose your password to a third party.
  • inkwatinkwat Forumite
    31 Posts
    Just received this e-mail so you're not the only one, slightly concerned as I can't seem to login to my AA account either so may have accidentally exposed my password.
  • You'll probably be fine. It could also be that the AA's IT dept are doing a system update and its an unintended side affect of that. If they announce in the morning that it was that then you'll be good to carry on as normal. If they say they've had a more serious issue then you'll want to change passwords anywhere else that you've used the same one. I'd be tempted to suggest doing that if they delay any announcement. Fingers crossed its just a gremlin in the IT update which they will likely apologise for in the morning.
  • I managed to log on ok but can't access some site areas. I hope filmderams is correct in suggesting that its a maintenance issue. Is credit card information kept on this site?
  • Silver_SharkSilver_Shark Forumite
    132 Posts
    Fifth Anniversary 100 Posts Name Dropper
    I did a Google search for AA breakdown cover and it says
    "You visited this page on 25/06/17" except I didn't as I only read the email this morning (26th). I haven't been able to log in, I'm now worried I've exposed my password.
  • AdrianCAdrianC Forumite
    42.2K Posts
    Eighth Anniversary 10,000 Posts Name Dropper
    ✭✭✭✭✭
    filmderams wrote: »
    Details from the header of the email:

    spf=fail ([email protected] does not designate 62.209.51.180 as permitted sender)
    dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=info.theaa.com
    Looks like the emails originated from a server in Germany.

    The AA have their mail servers listed in the SPF - Sender Policy Framework. This server isn't one of them. It's easy to get a mail server to lie about who it is.

    I bet any links in the email aren't really to theaa.com
  • tr33m4ntr33m4n Forumite
    2 Posts
    Third Anniversary First Post
    MoneySaving Newbie
    Anybody heard anything from AA? I fear I may have also fallen for the login trap :S
  • I sincerely doubt that an email from the AA would start with the word 'Hi'.

    I would also expect them to use the member's name.
  • I too had the same email and thankfully I was at work so was going to wait until I got home to change it but will now hold off, thanks folks
  • heather_p03heather_p03 Forumite
    122 Posts
    I have also just received this email - 26/06/2017 at 08:29

    No-one I know has logged in to my account - the app works but my details aren't recognised on the website!

    Will wait to see what happens.
This discussion has been closed.
Latest MSE News and Guides

Stoozing, sublets & summer sips

This week's MSE Forum highlights

MSE News

Martin Lewis quizzes Rishi Sunak

Watch the cost of living support Q&A here

Join the MSE Forum discussion

48 craft beers for £50 delivered

One-off bundle for newbies. Excludes Northern Ireland

MSE Deals