Advertisement
Have your say on the future of the 'Save Draft' feature in this poll
MODs please see this information notice in the mod's forum. Thanks!
How to add spoiler tags, edit posts, add images etc. How to - a user's guide to the new version of Boards

Fastway/Parcel Connect

11415161820

Comments



  • Darc19 wrote: »
    Didn't see the same uproar when TK Maxx had a data breach and all credit card information was accessed, same with Clarks shoes


    Anyone who got this file has already dumped it as it has zero value

    The TKMaxx one affected US data.

    Right now, having name + address + mobile number of people who are using a courier firm is a gold mine for people sending fake "due to Brexit you need to pay customs at this website" scam texts. This will be used, and people will fall for it as the messages will be far more custom than before. "Mary Murphy, we have a package for delivery to you at 123 Scam Street".

    Phone books haven't had mobile numbers since about 1993.




  • I noticed the email from fastway at half an hour ago. In the last 5 minutes I've had two emails from Facebook asking of I've been trying to log in from a new device. Wonder of there's any connection?




  • McGaggs wrote:
    I noticed the email from fastway at half an hour ago. In the last 5 minutes I've had two emails from Facebook asking of I've been trying to log in from a new device. Wonder of there's any connection?


    Did you setup a fastway account using the same password?

    I'd change your Facebook password now anyway




  • I got the email from Wiggle advising of same.

    All Fastway would have on me would be Name Address email and mobile contact.

    No2 that some hacker has that 4 pieces of info..... what can I expect to happen next from the hacker... ?? Sell my mobile contact to Who??? Use my email to do what??




  • Data breaches are common enough. There are online platforms you can run your email address through to see if they've been involved in a data breach such as ArkOwl.


  • Advertisement


  • dubrov wrote: »
    Did you setup a fastway account using the same password?

    I'd change your Facebook password now anyway

    Nobody has an account with fastway, no passwords were released. The worry here is that addresses and phone numbers are now associated with names and emails, and that could allow someone to convince Amazon for example to allow a password reset and take over the account with stored card details in it.

    The Facebook notification is clearly someone who doesn't have the password, but is trying to get in. Could this attack be using an old password from an old back that's associated with an email address, if a phone number and address are used as security questions....




  • Masala wrote: »
    I got the email from Wiggle advising of same.

    All Fastway would have on me would be Name Address email and mobile contact.

    No2 that some hacker has that 4 pieces of info..... what can I expect to happen next from the hacker... ?? Sell my mobile contact to Who??? Use my email to do what??

    The email address can be linked to a previous hack. They would now have your name, email, address and phone number. Of they can find your dob, you're in trouble. Time to make sure there's no public posts anywhere that reveal your age and birthday.




  • Does this come under gdpr infringement?

    So a fine a maximum fine of €20 million (about £18 million) or 4% of annual global turnover – whichever is greater – for infringements.




  • is it only littlewoods customers affected?




  • fryup wrote: »
    is it only littlewoods customers affected?

    No I don't think so, I haven't used littlewoods and was emailed by Fastway.


  • Advertisement


  • fryup wrote: »
    is it only littlewoods customers affected?

    No - my email specifically says it's as a result of a Smyths Toystore delivery.




  • fryup wrote: »
    is it only littlewoods customers affected?

    Got an ail from them because they're used by homestore +more.




  • McGaggs wrote: »
    Nobody has an account with fastway, no passwords were released. The worry here is that addresses and phone numbers are now associated with names and emails, and that could allow someone to convince Amazon for example to allow a password reset and take over the account with stored card details in it.

    The Facebook notification is clearly someone who doesn't have the password, but is trying to get in. Could this attack be using an old password from an old back that's associated with an email address, if a phone number and address are used as security questions....

    That would just mean you got a password reset mail or message to your email and phone of which the hackers have no access




  • That would just mean you got a password reset mail or message to your email and phone of which the hackers have no access

    For most things, yes, but I've read a couple of articles about how people have had Amazon accounts taken over by 'hackers' phoning up or using we chat.

    About 10 years ago, I was having a conversation about this type of thing, and one of the lads said there was no way someone could get access to your accounts. I told him I would, and I managed to post something daft from his Facebook account. I had to get his Gmail password reset in order to get into his Facebook. All I had was name, address and dob.




  • I got it too - komplette.ie

    Also having all of that data could authenticate you with a lot of service providers and get them to share account data with you.




  • so what are we saying here - are our credit card details at risk??




  • fryup wrote: »
    so what are we saying here - are our credit card details at risk??

    No - name, address, email address and mobile phone number.




  • odyssey06 wrote: »
    No - name, address, email address and mobile phone number.

    so more phone calls from new delhi then? :cool:




  • L1011 wrote: »
    The TKMaxx one affected US data.

    Right now, having name + address + mobile number of people who are using a courier firm is a gold mine for people sending fake "due to Brexit you need to pay customs at this website" scam texts. This will be used, and people will fall for it as the messages will be far more custom than before. "Mary Murphy, we have a package for delivery to you at 123 Scam Street".

    Phone books haven't had mobile numbers since about 1993.

    Those who send out scam texts will not go to the bother of a list when they can send 1,000,000 random numbers a text in a few minutes.

    People enter their mobile numbers on tons of stuff, they blab to the world on Facebook and Instagram, they put their work life on LinkedIn.

    There's feck all value in name address and email lists.

    The laugh I got today was the Snowflake on radio who gave his full name and local area and said he was "concerned". Feckin eejit.

    I put his name into Facebook and from one PUBLIC photo I was able to find his address.

    A quick Google and I found his phone number and email as he is involved in a local soccer club and his phone number and email was there on their Facebook page.

    I spent less than a minute to show someone at work how ridiculous his whining was.




  • The hit rate from 1m random numbers is going to be far, far less than the hit rate from highly personalised scams.

    This data is hugely valuable in the wrong hands, and you are showing a complete lack of knowledge of why in trying to claim it isn't.

    They have up to date, presumably very accurate info that can be used to craft extremely convincing scams full of info that people assume isn't easily available - and they have hundreds of thousands of those records.

    What scammers aren't going to do is try construct equivalent info from a hugely time intensive (one minute times four hundred thousand records) trawl of multiple sources to do the same; so your comparison is pointless.


  • Advertisement


  • Fastway .... the gift that keeps giving!
    They always struggle to deliver my parcels but apparently had no trouble giving my details away!




  • McGaggs wrote: »
    For most things, yes, but I've read a couple of articles about how people have had Amazon accounts taken over by 'hackers' phoning up or using we chat.

    About 10 years ago, I was having a conversation about this type of thing, and one of the lads said there was no way someone could get access to your accounts. I told him I would, and I managed to post something daft from his Facebook account. I had to get his Gmail password reset in order to get into his Facebook. All I had was name, address and dob.

    Absolutely, if you know the person well enough it can still be done but the hacker won't be able to answer any of the security questions and I'm pretty sure not knowing your own mother's maiden name would blow your cover.




  • L1011 wrote: »
    The hit rate from 1m random numbers is going to be far, far less than the hit rate from highly personalised scams.

    This data is hugely valuable in the wrong hands, and you are showing a complete lack of knowledge of why in trying to claim it isn't.

    They have up to date, presumably very accurate info that can be used to craft extremely convincing scams full of info that people assume isn't easily available - and they have hundreds of thousands of those records.

    What scammers aren't going to do is try construct equivalent info from a hugely time intensive (one minute times four hundred thousand records) trawl of multiple sources to do the same; so your comparison is pointless.

    But they don't. It's mostly public information that's already available.

    I'm not saying it's of no value at all but it's low grade and mostly of use in indirect scams.




  • But they don't. It's mostly public information that's already available.

    I'm not saying it's of no value at all but it's low grade and mostly of use in indirect scams.

    Its not information that's available in one place, effectively pre-verified and up-to-date and perfect for crafting extremely convincing scams that bypass many of the standard things people check for - does it address me by name being a huge one drilled in by banks, Paypal and so on.

    With this you have a name, email, address, mobile number, knowledge that the data is up to date, knowledge that the person shops online or by phone, knowledge that the person presumably has some money - so a good chance of a much higher hit % than a scattergun scam or even trying to build something just off harvested email addresses with assumed to be accurate names.

    If you (meaning posters in general) don't understand how valuable this is for scammers, I really, really hope you have no control over other peoples data in any way, shape or form.




  • L1011 wrote: »
    Its not information that's available in one place, effectively pre-verified and up-to-date and perfect for crafting extremely convincing scams that bypass many of the standard things people check for - does it address me by name being a huge one drilled in by banks, Paypal and so on.

    If you (meaning posters in general) don't understand how valuable this is for scammers, I really, really hope you have no control over other peoples data in any way, shape or form.

    It's easily crafted. Voters register has your name and address. From there you can locate the rest depending on the person. The more naive and open online people for example.

    However, the reality is that its highly unlikely to result in any of your accounts being hacked and will most likely be used for phishing.

    Again, phishing isn't high level. It's certainly an issue to be aware of but by being informed of the breech, people should have enough cop on to not fall for it.

    No, I'm not a data controller for anyone




  • Voting register is only available for inspection in person in print form except for the edited register of the few people who opt-in for spam post. That is tiny these days. The labour intensivity of that is off the scale.

    This is likely to be used for basically spear-phishing and it will catch out a lot of people who think they have the cop-on and would easily avoid a scattergun scam.




  • L1011 wrote: »
    Voting register is only available for inspection in person in print form except for the edited register of the few people who opt-in for spam post. That is tiny these days. The labour intensivity of that is off the scale.

    This is likely to be used for basically spear-phishing and it will catch out a lot of people who think they have the cop-on and would easily avoid a scattergun scam.

    This is scaremongering BS. You need to be called out for this. It's something a rag like the daily muck would come out with.

    This is very low value information and unlikely to be much value to anyone.




  • Darc19 wrote: »
    This is scaremongering BS. You need to be called out for this. It's something a rag like the daily muck would come out with.

    This is very low value information and unlikely to be much value to anyone.

    I'm not scaremongering in the slightest. This is what criminals do with data.

    You can continue to try claim its not important, but it doesn't change reality.




  • Mod - Can everyone please take it down a notch. There has been a breach, and information is out there. We now need to be be careful of any suspicious emails and texts.


  • Advertisement


  • Data breaches are common enough. There are online platforms you can run your email address through to see if they've been involved in a data breach such as ArkOwl.

    Got email from fastway and homestore and more earlier.

    How do ArkOwl know whether my email has been involved in a data breach? Isn’t someone like fastway giving ArkOwl that info yet another breach of my data? I’m confused.


Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.

Advertisement