We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
People's Energy - serious data breach
To say I'm livid would be a gross understatement. Never again with these people - and probably a risk with any smaller supplier that can't or won't afford proper security.
Comments
-
Doc_N said:...These include member names, addresses, email addresses, telephone numbers, dates of birth, People’s Energy account numbers, tariff details, and meter identification numbers.
To say I'm livid would be a gross understatement. Never again with these people - and probably a risk with any smaller supplier that can't or won't afford proper security.Yes, got the email earlier.That is a lot of 'useful' information for scammers, hackers and miscreants even if they do not have any bank details.They say that no financial information has been disclosed, but if scammers can somehow work out what bank any customers are with then that may be even more of a horror show.I was thinking of leaving earlier this year when British Gas were doing a good online deal, but it looks like that wouldn't have made much difference since previous customer details also appear to be compromised.I can't see any way in which I can keep them as a supplier now, no matter what happens with my personal details.
1 -
That's why I refuse to give my Date of Birth to anyone who doesn't genuinely need it. So many idiotic companies use it as a password, not stopping to think that a data breach means that any fraudster that gets it is then halfway into raiding your bank account and stealing your identity. It's not just the smaller companies, the big boys are equally stupid. All the fraudster then needs is your mother's maiden name (I don't give that out either).2
-
That's the last of my dealings with People's Energy. I imagine a lot more will feel that way, and I suspect they may not be around for too much longer. Rats and sinking ships come to mind.0
-
I looked at switching to them but they were expensive despite their advertising that they were not making profits for people. How come those who do make profits can have lower tariffs? Glad I didn't switch tothem0
-
A few hours after receiving the email about the breach from People's Energy, I received the following email from PayPal:At PayPal, safety and security are our top priorities, and we routinely monitor accounts for any suspicious activity. We spotted something unusual so, as a precaution, we disabled your password. Don't worry, your account is fine. You just need to create a new password to continue using your account as usual.
It could be a coincidence, but it is worrying nonetheless.
0 -
I find the benefit of using desktop pc with a mouse is that I can "hover" over the links in such emails to see what url they direct you to without actually clicking them. Nine times out of ten the email is fake.Miles_W said:A few hours after receiving the email about the breach from People's Energy, I received the following email from PayPal:At PayPal, safety and security are our top priorities, and we routinely monitor accounts for any suspicious activity. We spotted something unusual so, as a precaution, we disabled your password. Don't worry, your account is fine. You just need to create a new password to continue using your account as usual.It could be a coincidence, but it is worrying nonetheless.
1 -
Clicking/tapping on the email sender is always helpful as well, normally it's a 'personal' looking email or something completely random.Talldave said:
I find the benefit of using desktop pc with a mouse is that I can "hover" over the links in such emails to see what url they direct you to without actually clicking them. Nine times out of ten the email is fake.Miles_W said:A few hours after receiving the email about the breach from People's Energy, I received the following email from PayPal:At PayPal, safety and security are our top priorities, and we routinely monitor accounts for any suspicious activity. We spotted something unusual so, as a precaution, we disabled your password. Don't worry, your account is fine. You just need to create a new password to continue using your account as usual.It could be a coincidence, but it is worrying nonetheless.
1 -
This email was genuinely from PayPal.0
-
Doc_N said:We’re very sorry to tell you that on the 16th December People’s Energy was affected by a cyber security data breach.No financial information, bank account details, or People’s Energy online account passwords have been compromised for any domestic customers. However, some personal details were accessed. These include member names, addresses, email addresses, telephone numbers, dates of birth, People’s Energy account numbers, tariff details, and meter identification numbers.We have acted quickly and informed the Police, Information Commissioner and Ofgem. We’re following their advice in dealing with this situation.
To say I'm livid would be a gross understatement. Never again with these people - and probably a risk with any smaller supplier that can't or won't afford proper security.Well it's certainly unfortunate but is it really such a big deal lin practice? (I agree the breach is a big deal, I'm thinking about the possible consequences).Loads of people will know your name, address and email. Similarly your DoB. personally, I think there should be some sort of rule against using DoB as any form of security as it is pretty much public domain really - millions have it on social media for example. As for telephone number, well most people give that away through caller ID everytime they make a call, so that's no biggie either. I'm nt sure what a scammer could do with your People's Energy account number or tariff details either. As for your meter number, if like millions of people, you have an meter box at your property then it is effectively open for anyone to have a look at so I'm not sure about the security risk their either.So yes, I'd also be angry because I'd now want to be changing supplier, which is always a hassle, but I wouldn't be losing any sleep over losing anything else.0 -
Strange that last week I authorised a switch using MSE as Peoples Energy were uncompetitive and despite their stated "community" policy would not offer the me the same deal as "new" customers. I compained bitterly to them about losing my data and they have responded:
"Thank you for your email.People's Energy is a Community Interest Company which was founded in order to enable social change and fight fuel poverty.We are not able to offer compensation in relation to this malicious criminal attack. We have taken strong measures in order to secure our IT systems and your information. We are working with our regulator Ofgem, the Police and the Information Commissioner's Office.
We hold former members’ details in line with industry standards, which is a minimum of one year for personal details, and seven years for property details, such as address or meter identification numbers. We delete information when we no longer have a valid reason to keep it. You can find more details about our data retention policy on our website (link to their website)
The information itself is not held online but in a computer server. It is this server that has been accessed from the internet.
I will ensure that your data is deleted through the Right To Be Forgotten process after your account has been closed."
So much for their "secure" server and the statements in their data policies that they will keep data secure. Any customer should be grateful that they actually use a 3rd party for payment/bank data and that 3rd part seem to actually understand the word "secure".
So much also for caring for customers and the comunity - other organusations have offered help to those affected by data breaches but Peoples Engergy just do not care and offer nothing. Why they need to keep data for 7 years is a mystery when they offer to delete it when I leave under the "Right to Forget? Perhaps Martin needs to start a campaign for Dates of Birth not to be demanded or recorded and for data to be deleted as soon as you leave the supplier and guve guidance on "Right to Forget".
Glad I have switched and cannot wait for the switch to be done.
0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards