Data belonging to thousands of British Gas customers have been posted online, the company has already contacted 2,200 users to warn them about the data breach. The customers’ records leaked online include email addresses and account passwords, the account details were posted to online text-sharing service Pastebin.
According to the BBC, the British Gas customers have received by the company an email message that reads as follows:
““I can assure you there has been no breach of our secure data storage systems, so none of your payment data, such as bank account or credit card details, have been at risk. As you’d expect, we encrypt and store this information securely.””From our investigations, we are confident that the information which appeared online did not come from British Gas.”
The message doesn’t explain the source of the stolen data, but the company confirmed that the data had not come from British Gas systems.
Security experts speculate that account details belonging to the British Gas customers may have origin from other data breaches and someone has tested them also to access the company accounts. Unfortunately, the majority of Internet users for passwords share the same credentials across multiple accounts on the web, it is enough compromise one of them to steal their digital identities.
This morning I’ve published another post that citing sources at the Financial Times, reveals that digital identities of tens of thousands of Britons are available for sale on the darkweb, including data belonging to the government personnel. Many experts speculate that the volume of data represents only the tip of the iceberg.
Experts from Symantec firm told the FT that details on over 600,000 customers were stolen from UK companies in 2014, and a significant portion is already available for sale in the criminal ecosystem.
It is a bad period for Britons, the incident follows the clamorous data breach at TalkTalk.
(Security Affairs – British Gas, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.