South African ISP suffers massive password leak online

profeet

Banned
Joined
Oct 14, 2015
Messages
1,094
There are other ISPs and companies who have done substantially worse things and seem to have gotten away through a couple of paid editorials. Leaks of those nature will always happen, but then it is more important how the company affected reacts and does damage control. CW did what was necessary. There are other companies who denied similar incidents for weeks (FWIW - do a search on Pastebin for some prominent SA domain email suffixes and you will see what I mean) without taking ownership.

Whatever makes you warm and fusssy on the inside :)
 

MickeyD

RIP
Joined
Oct 4, 2010
Messages
139,117
An ex customer. I got offended at the way they attacked postman pot and insulted / called him a liar etc. in here. I've been a lurker in here since 2005. The trouble is that you're always representing your company if you use the same name to post on a personal level and support clients in here.
Why hide behind a clone account?
 

ic

MyBroadband
Super Moderator
Joined
Nov 8, 2004
Messages
14,802
Someone is lying then.

[-]That might also be an incorrect assumption that you are making.

AFAIK the data was leaked at 03:45 and DJ... knew about it at 03:46.[/-]
 
Last edited:

crackersa

Honorary Master
Joined
May 31, 2011
Messages
29,028
An ex customer. I got offended at the way they attacked postman pot and insulted / called him a liar etc. in here. I've been a lurker in here since 2005. The trouble is that you're always representing your company if you use the same name to post on a personal level and support clients in here.

postman was not attacked. he was called out for his actions and his comments, and for leading other forum members on with inaccurate information.
 

access

Honorary Master
Joined
Mar 17, 2009
Messages
13,462
postman was not attacked. he was called out for his actions and his comments, and for leading other forum members on with inaccurate information.

I actually wondered what happened to that character, read so much nonsense from it
 

DJ...

Banned
Joined
Jan 24, 2007
Messages
70,287
That is an incorrect assumption.

The perpetrators published without communication with us, and instead sent a link to MyBroadband, who in turn contacted Crystal Web for comment. This was the first notice of a potential issue that we'd received, at which point we initiated investigations into the matter and with the cooperation of numerous parties, were able to identify suspicious activity in their logs which correlated with the information we had been sent. If you're aware of other communication made with us (or me directly) it would be valuable information to have, as we are not in possession of any such communication and have never been made aware of any attempt by those responsible to communicate with us about this, nor of any organisation other than MyBB having contacted us or me personally about this. Any additional information that you may have will be pertinent to the criminal investigation so please feel free to PM me for contact details to send to, as this is news to me and the rest of the team here...
 

Geoff.D

Honorary Master
Joined
Aug 4, 2005
Messages
25,680
What I pick up from this thread:

(1) Too much "clickbait" in Titles: Why was the word "Massive" considered necessary?
(2) Like many others on the forum (DJ is just one example), who are not afraid to stand up for themselves are mercilessly attacked when stating "facts" as clearly as possible.
In this case, DJ representing his company did the responsible thing and still he is attacked?
(3) There is very little tolerance on the forum for "minority opinions" -- one is only part of the crowd if you tow the line.

This is supposed to be a forum where persons can feel welcome to debate matters from all sides. I see over the years many have attempted to try and get debates to work properly, but have had limited success --- the crowd don't seem to want a place where cordial debates can be held?
 

AfricanTech

Honorary Master
Joined
Mar 19, 2010
Messages
38,801
The perpetrators published without communication with us, and instead sent a link to MyBroadband, who in turn contacted Crystal Web for comment. This was the first notice of a potential issue that we'd received, at which point we initiated investigations into the matter and with the cooperation of numerous parties, were able to identify suspicious activity in their logs which correlated with the information we had been sent. If you're aware of other communication made with us (or me directly) it would be valuable information to have, as we are not in possession of any such communication and have never been made aware of any attempt by those responsible to communicate with us about this, nor of any organisation other than MyBB having contacted us or me personally about this. Any additional information that you may have will be pertinent to the criminal investigation so please feel free to PM me for contact details to send to, as this is news to me and the rest of the team here...

I have no doubt that it was maliciously intended.

The only way for ~hades to have known that I was a CW customer (and hence sending me a PM with the link to the list) was by actively following MyBB and individually picking up those people who have indicated that they are CW customers. That required more effort than simply using a list that they/he could feed into a script.

There is no connection between my CW credentials and my MyBB credentials beyond the fact that I have posted here that I've recently become a CW customer.
 

DJ...

Banned
Joined
Jan 24, 2007
Messages
70,287
That might also be an incorrect assumption that you are making.

AFAIK the data was leaked at 03:45 and DJ... knew about it at 03:46.

Not sure where you're getting your timestamps and insight into our awareness from, but I was first to be informed and it was not at 03:45. I have double-checked my mails and certainly didn't receive anything about this at those times. Please do let me know where you are getting your information from so that I can verify or clarify from our side, as that is categorically incorrect unless I have somehow missed a channel of communication that we've not yet considered.

Any additional information will sincerely help. Are you perhaps not only seeing today's activity in isolation? Easy mistake to have made if it's the case, but initial communication originated the morning of the 23rd...:)
 
Last edited:

Sinbad

Honorary Master
Joined
Jun 5, 2006
Messages
78,948
I have no doubt that it was maliciously intended.

The only way for ~hades to have known that I was a CW customer (and hence sending me a PM with the link to the list) was by actively following MyBB and individually picking up those people who have indicated that they are CW customers. That required more effort than simply using a list that they/he could feed into a script.

There is no connection between my CW credentials and my MyBB credentials beyond the fact that I have posted here that I've recently become a CW customer.

I am very publically a CW customer and advocate, to the point that people accuse me of being employed by them.
I wonder if this indicates why I did _NOT_ receive a PM about this...
 

ponder

Honorary Master
Joined
Jan 22, 2005
Messages
91,698
An ex customer. I got offended at the way they attacked postman pot and insulted / called him a liar etc. in here. I've been a lurker in here since 2005. The trouble is that you're always representing your company if you use the same name to post on a personal level and support clients in here.

No he got called out for his BS as many others also did.
 
Top