1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DirecTV's database of email accounts compromised

Discussion in 'DIRECTV General Discussion' started by invaderzog, Apr 12, 2012.

  1. invaderzog

    invaderzog New Member

    6
    0
    Apr 12, 2012
    I saw that there was a closed thread about this.

    I can't post the link because I am new, but the thread ID is: 200922

    I want to report the same thing. I am also an IT professional who creates unique email addresses on my mail server for various businesses. I stopped being a DirecTV customer years ago and the mailbox didn't get any activity until February. Since then, I have gotten a significant number of virus emails sent to that address.

    It seems highly likely that this represents a breach in DirecTV's security.

    I'm not sure who or how to report this to DirecTV. Customer Service Agents were (understandably) unable to route my call to corporate IT/security.
     
  2. wahooq

    wahooq DBSTalk Club DBSTalk Club

    931
    1
    Oct 19, 2011
    Tulsa, OK
    Dude...seriously? that was like 4 months ago and nothing ever became of it
     
  3. invaderzog

    invaderzog New Member

    6
    0
    Apr 12, 2012
    When you say, "nothing ever came of it", do you mean that attempts were made to contact DirecTV and they ignored it?

    I sent an email to their Fraud Division requesting that the email be forwarded to their IT Security group, but I'm mostly expecting to be ignored.

    If that's the case, then perhaps it might be time to see if anyone in the media cares.
     
  4. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    I haven't looked at that thread sine it's closure, but i do remember it. You can certainly try it, but I doubt it. Spam is too mundane and too many other possibilities other than their address list being hacked.

    I don't even try to fight spam anymore. If it goes in the spam filter fine. If not, I mark as spam and move on.
     
  5. invaderzog

    invaderzog New Member

    6
    0
    Apr 12, 2012
    Spam may be mundane, but having your customer database compromised is not. I don't care much about the spam. It is a unique email address and I just shut it off. My personal problem is solved.

    Given that we have multiple reports of people who have issued a UNIQUE email address to DirecTV and found that they started to getting non-DirecTV emails there within the last few months (and never before), I think that this is strong evidence.

    The simplest explanation is that someone got into the DirecTV.com account database and distributed it earlier this year. I'd challenge anyone to come up with a reasonable alternate explanation for the evidence :)
     
  6. Drew2k

    Drew2k New Member

    14,514
    228
    Aug 16, 2006
    I'm sorry you are seeing viruses, but that's not proof that DIRECTV's database was compromised.
     
  7. invaderzog

    invaderzog New Member

    6
    0
    Apr 12, 2012
    Did you miss the part where I created a UNIQUE email address that was only ever given to DirecTV. I never received anything that wasn't from DirecTV until earlier this year. Someone else reported the same thing. Explain that :)
     
  8. Drew2k

    Drew2k New Member

    14,514
    228
    Aug 16, 2006
    Didn't miss it. It's still not proof that DIRECTV's database was compromised. It's a very very serious charge but it's not substantiated.
     
  9. spartanstew

    spartanstew Dry as a bone

    12,561
    61
    Nov 16, 2005
    Wylie, Texas
    I created Email addresses for my sons several years ago, so they would have them when they got older (with their name in them).

    Those Email addresses have never been used, but I log on to check them every 6 months or so and there's almost always some spam.

    Explain that.
     
  10. wallfishman

    wallfishman Icon

    509
    0
    Dec 31, 2008
    This whole Fng planet has been compromised. maybe its those chinese hackers we keep hearing about
     
  11. inf0z

    inf0z Legend

    273
    8
    Oct 15, 2011
    You're ruling out the possibility of some one obtaining your email account(s) through the domain that you set up for all of these email accounts.
    I'm not saying that it's not possible for this to be related to the D* email compromise, I'm just saying there are other possibilities.
     
  12. invaderzog

    invaderzog New Member

    6
    0
    Apr 12, 2012
    I agree it is serious. The evidence is strong enough that it should be investigated. Another related explanation is that a "bad apple" who had access to their email address database (i.e. someone in marketing) sold it off on the black market. This isn't "quite" as bad as having the DB compromised, but the end results are effectively similar.

    Just to be clear -- I run my own Exchange 2010 server. It's sitting in front of me. There is no way to get a list of my valid email addresses -- and if someone did compromise my server, it wouldn't be just the DirecTV mailbox and that wouldn't explain the other poster's similar observations.

    In any case, this is a consumer discussion board and isn't the appropriate forum. I only started this thread because when a result from it popped as a top result when I started my research. If I don't hear back from DirecTV, I'll take this to a white hat forum.
     
  13. invaderzog

    invaderzog New Member

    6
    0
    Apr 12, 2012
    I expect that those email addresses you created were @gmail.com/etc. What you are describing is rather common actually. While the exact mechanism is not clear to me, the major email providers are regularly compromised/brute forced as they are huge targets.

    In my case, this is my own private mail server.
     
  14. Hoosier205

    Hoosier205 New Member

    6,659
    14
    Sep 3, 2007
    [​IMG]
     
  15. luckydob

    luckydob Godfather

    451
    0
    Oct 1, 2006
    Which is connected to the internet, yes? Which is registered to someone such as godaddy.com? There are two things that could hurt you. Maybe your mail server was hacked and you dont know? Maybe godaddy was compromised? You are only immune if you turn off the internet.
     
  16. RunnerFL

    RunnerFL Well-Known Member

    17,054
    311
    Jan 4, 2006
    It's not serious. If you were actually an "IT Professional" you'd know how spam attacks take place. They don't have to find your email address, they just send out emails to random names, most of which don't even make sense.

    Not to mention if you were an "IT Professional" you wouldn't use Exchange. :D
     
  17. RunnerFL

    RunnerFL Well-Known Member

    17,054
    311
    Jan 4, 2006
    No matter how private you may think it is, it's not. If someone feels they want to spend their time screwing with you by sending emails to random addresses at your domain they can and will. They don't have to figure anything out or hack anyone's email database.
     
  18. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    Hey now, at least its not Lotus Notes or Groupwise :)

    Besides, so many companies use Exchange, it's good to know.
     
  19. Hoosier205

    Hoosier205 New Member

    6,659
    14
    Sep 3, 2007
    Many governments use Exchange as well.
     
  20. dpeters11

    dpeters11 Hall Of Fame

    16,252
    490
    May 30, 2007
    Cincinnati
    True.

    And on email, there honestly is no value to hacking an email database. There is no point. Credit card info etc sure. But email addresses are pretty worthless I'd think.
     

Share This Page