[Asterisk-biz] Data leak at Packet8 turns customers into phishingtargets

[Dean Collins]

Wow thanks for this.

As a Packet 8 customer I can say for a fact that I didn't receive an
apology email.

Other than that I'm surprised they only have 21,000 customers - or was
this a subset of their customer base?

Dean


> -----Original Message-----
> From: asterisk-biz-bounces at lists.digium.com [mailto:asterisk-biz-
> bounces at lists.digium.com] On Behalf Of Trevor G. Hammonds
> Sent: Wednesday, 14 September 2005 12:58 AM
> To: 'Commercial and Business-Oriented Asterisk Discussion'
> Subject: [Asterisk-biz] Data leak at Packet8 turns customers into
> phishingtargets
> 
> VoIP provider spills customer emails
> Data leak at Packet8 turns customers into phishing targets
> ----------------------------------------------------------
> Tom Sanders in California, vnunet.com 13 Sep 2005
> ----------------------------------------------------------
> Internet telephony provider Packet8 has accidentally disclosed the
email
> addresses of 21,000 of its subscribers.
> 
> Packet8 sells internet telephony services to consumers and businesses
in
> North America, allowing them to place telephone calls to regular phone
> numbers at a discounted rate. The VoIP provider has more than 73,000
> subscribers.
> 
> Joan Citelli, director of corporate communications at Packet8, told
> vnunet.com that the data leak occurred when an employee accidentally
> attached a spreadsheet containing the email addresses to the monthly
> Packet8
> email newsletter sent last Thursday.
> 
> The file contained no data other than the email addresses of
subscribers
> of
> the opt-in newsletter.
> 
> Packet8 has instituted additional checks to prevent future security
> lapses.
> "It was a one-time fluke. I do not expect it to happen again," said
> Citelli.
> 
> 
> The firm sent an email to customers on Friday apologising for the data
> disclosure.
> 
> Andrew Lockhart, director of product marketing at email security
vendor
> Postini, said that Packet8 customers are likely to become the target
for
> phishing attacks if criminals get hold of the list.
> 
> "This just makes it easier for the spammers and phishers," he told
> vnunet.com.
> 
> Knowing that the addresses on the list are all Packet8 customers,
phishers
> could send emails that appear to come from Packet8.
> 
> The email could then fool them into disclosing confidential
information by
> asking them to re-enter credit card information or log-in name and
> password.
> 
> 
> "The fact that this list is identifiable as being of customers of the
> service makes it potentially more dangerous," said Lockhart.
> 
> The mishap could have easily been prevented, he added, as there are
> numerous
> tools available that scan outgoing email messages for unwanted content
and
> attachments.
> 
> Permalink to this story
> www.vnunet.com/2142205
> 
> _______________________________________________
> Asterisk-Biz mailing list
> Asterisk-Biz at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-biz