16-11-2010 7h46 - edited 16-11-2010 7h59
Can't say I am convinced.
Entering rubbish details on the http page gets you redirected to a new https page to try again. Surely the login details were passed using http (unencrypted) protocol before being rejected. For now have bookmarked the https encrypted page you suggested.
By the way, on BOTH of the https pages the tick box for "remember me on this computer" is already ticked, followed by the warning about not using this option on public computers or it will remember your login details and password!!!
Brilliant! NOT!
Thanks again.
on 16-11-2010 18h02
on 16-11-2010 18h34
SeanD, does that mean that BT have not done anything to close the loophole yet, or that they are not going to do anything at all?
16-11-2010 19h48 - edited 16-11-2010 19h49
BT,
I am absolutely stunned at your [lack of] performance regarding this issue. As a BT customer I am extremely disappointed by what SeanD said:
"we’d like to advise you that The action of applying hundreds of pounds of cost to a customer, as described in Bitterwallet, will not work unless payment is made using a credit card"
Ok, so it will only affect the minority that pay using a credit card. That's ok then. And if/when it does affect that minority, they will be notified about it.
NOT GOOD ENOUGH! BT, you are a sham. I feel so strongly about this that I actually registered on this forum, most times I would let it go by, but I really feel my voice has to be heard. Not by the other forum members, but by you, BT. I would phone customer services, but they probably won't have a clue about what I am talking about, right?
SeanD, BT, doing nothing about this other than just simply saying it will affect a minority is wrong. I'm sure it actually breaks the law somewhere. You can't just do nothing about it, that's anarchical! So, I go and burgle someone's house, but pin a note on their door on the way out saying I have done so, that's ok, right?
Also, regarding the login page encryption... neither is the register page for this forum encrypted... so all my details, password and name that I typed in went right across the internet unencrypted. I'm stunned that such a company behaves this way. The day my BT phone line contract is up I am changing, without doubt. I want to be as far away from you [BT] as I possibly can ever get.
This is a monumental mistake for you [BT] to not do anything. I'm stunned, completely stunned.
on 16-11-2010 20h05
100% Agree!
on 16-11-2010 22h01
Simomax wrote: BT, doing nothing about this other than just simply saying it will affect a minority is wrong. I'm sure it actually breaks the law somewhere.
The law you're most likely referring to would be the Data Protection Act 1998, Schedule 1, The Data Protection Principles, Part 1 Principles, subsection 7.
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."
http://www.legislation.gov.uk/ukpga/1998/29/schedu
on 16-11-2010 22h10
Mmm.
Maybe a rival telco could choose a random name from the phone book, then get the number and postcode, type them in, get the renewal date, call at renewal time and potentially gain a new customer!
Or maybe a telco would know that Mr.X has BT as their supplier, call Mr.X claiming to be from BT, get some more details (as part of their fake security checking procedure), even offer a better deal, then bish, bash, bosh....
....they take the line over! - with a lot of hassle for Mr.X in getting it back with BT.
on 17-11-2010 20h47
SeanD wrote:
Hi Guys, In relation to the queries raised around the bitterwallet article, we’d like to advise you that The action of applying hundreds of pounds of cost to a customer, as described in Bitterwallet, will not work unless payment is made using a credit card. We want to make online account management as easy as possible for customers. In order to add items to accounts we ask customers for their telephone number and post code. Customers are automatically notified of any change to their account using previously agreed, preferred contact details via letter or email. If a customer who receives a notification believes, for whatever reason, that they have not made any addition to their account we would investigate and arrange a cancellation if required. Cheers Sean
Frankly, not good enough. I'm very concerned now. Makes me wonder what other gaping security holes there are that you know about but just don't care enough to close.
on 08-12-2010 11h45
Crikey, after reading through all the comments, it seems I have a right to be worried
So what are BT doing about it?