Amazon Music Unlimited Offer: 1-Month For FREE!
Account link has disappeared on Warehouse Express
Quote:Just been to 'live chat' on the WE website, they say they have been sending out emails due to a major server upgrade.
Are you sure it was the real WE site!!!
Quote:Just been to 'live chat' on the WE website, they say they have been sending out emails due to a major server upgrade.
Then I don't think they have done a proper risk assessment...my preferred option would have been a n email that just told me I would have to reset my password next time I logged in..Then I could choose a safe password myself. If somone hacked into all WE customers emails, then they would have all the new passwords!!
and why would I need a new password twice?
Doesn't feel secure to me
Might be that the weakness wasn't in their email system (if that was breached even the "change password next time you logon" wouldn't have worked) but in another section of the site. The forced password update suggests that whatever possible problem it was allowed the hacker to gain access to the accound details in full. I suspect the lack of account control means that (at present) that section of the site is being repaired/fixed so that the possible entrance point is secure.
Also the fact that they haven't sent out a warning about hackers means that chances are its a loophole that has been found either by their own internal securty or by an outside beneficary (you get people delibratly hack into company systems, but do nothing but report it to the company - often getting compensation for their efforts). Thus the password change prevents any possible hacker using the details if they used the loophole before the repairs were put into place.
IT also protects users directly because some might not use their WE account for some time inbetween purchases and thus would be at risk if details of their account (And payment options) were already released.
Also the fact that they haven't sent out a warning about hackers means that chances are its a loophole that has been found either by their own internal securty or by an outside beneficary (you get people delibratly hack into company systems, but do nothing but report it to the company - often getting compensation for their efforts). Thus the password change prevents any possible hacker using the details if they used the loophole before the repairs were put into place.
IT also protects users directly because some might not use their WE account for some time inbetween purchases and thus would be at risk if details of their account (And payment options) were already released.
Hi, just got this back from Warehouse Express:
Dear Mr Reynolds,
Thank you for your email. Firstly please allow me to assure you that the
recent email informing you of the reset of your online password is
entirely genuine, and all customers have received such an email today.
We plan to add the facility to change your password to the "My Account"
area of our website once this facility is restored, which should be by
the end of this week.
Best regards,
Martin Berry
Sales Agent
Dear Mr Reynolds,
Thank you for your email. Firstly please allow me to assure you that the
recent email informing you of the reset of your online password is
entirely genuine, and all customers have received such an email today.
We plan to add the facility to change your password to the "My Account"
area of our website once this facility is restored, which should be by
the end of this week.
Best regards,
Martin Berry
Sales Agent
Sorry, just noticed you've already confirmed it,
Adrian
Adrian
