BT under investigation over exposing 'users credential en masse'
British multinational telecommunications services BT is under investigation for reportedly exposing 'user credentials en masse'.
The UK's data authority the Information Commissioner's Office (ICO) is looking into BT's data practices, as it was revealed that the company was moving its customers' email accounts from a Yahoo-powered system to its own bespoke set-up.
According to the BBC, in response BT said the complaint 'relates to an issue identified and fixed'.
The whistleblower is believed to have been a former employee of Critical Path, the company tasked with building BT's new system for email, the report said.
The ICO has also expressed concern that BT was allowing insecure logging-in using HTTP, rather than the encrypted protocol HTTPS.
BT said that the assessment was a mistake, adding that 'BT Mail is HTTPS, not HTTP, and the company would not use HTTP with live customers.
The issue of spamming and scamming, BT said, was being confused with issues affecting Yahoo customers, and was not limited to BT, the report added.
(Posted on 17-03-2014)