PlusNet owns up to security breach

PlusNet is undergoing an overhaul of its webmail platform following a security breach earlier this month.

The ISP used a Service Status message on its website to inform customers its existing webmail system has been migrated to a Squirellmail platform on Saturday to ensure an earlier breach in its customer email address database does not happen again.

Is there a skills shortage?

Tell us what you think of the IT workforce in silicon.com's 2007 Skills Survey.

PlusNet discovered the breach on 9 May. It involved an undisclosed number of customer email addresses and customer contact lists being disclosed to a third party. As a result, these customers received an unusually large amount of spam, including offers for cut-price pharmaceuticals.

The ISP said a small number of customers may also have downloaded a Trojan horse in the process. However, the company said credit card details had not been exposed.

In addition, the ISP said one of its six mail servers was breached and anyone connected to it at the time may have had their login details observed.

PlusNet networks director Phil Webb said in a statement: "We take the security of our customers' information very seriously and would like to reassure customers that the incident is being handled with the utmost importance and that at this stage in the investigation we believe no other personal information, including credit card details, has been disclosed."