BT email hacked

mm2 · ‎14-01-2024

Can anyone understand what's happened here please? yesterday afternoon my BT email had logged me out on my desktop PC (again), it's been happening a lot since the 'BT is changing' stuff started appearing. Only this time refused to recognise my login credentials and locked me out. Being unable to contact BT by any other means (long waits on chat, no answer on the phone) I messaged on Facebook at 15.57 asking for help. No reply and I had to go out.

At 19.18 I got a Messenger from a friend saying she'd received an odd email telling her my O2 password. The password was not my usual one, and Iater found a text from O2 on my phone timed at 15.14 saying I'd changed my password. I hadn't, so I logged in to BT using the fake password from my friend's message and changed my O2 password to secure the account.

I tried the same fake password to get back into my BT account but it didn't work, so I had to use 'forgottenpassword' to change it and secure my BT account.

Much later, I found a text on my phone from BT saying I'd changed my password timed at 15.02. That was not me, but was clearly the reason I'd been unable to log in all afternoon. So the breach occurred first at BT, which somehow enabled a breach of my O2 account a few mins later.

I have the BT email app on my phone but never use it to send email, I always use this desktop computer. The only link between O2 and BT is that I use my BT email address as my contact for O2.

When I finally got into my BT account late evening, I found one email sent to the friend who had alerted me in my outbox, exactly worded as she reported to me. I did not send that email, so who did?

I still haven't heard from BT with any help, I had to sort this out by myself and wasted a lot of time.

How could this have happened and how can I stop it happening again?

To summarise, the timeline is:

15.02 Text from BT about password change

15.14 Text from O2 about password change

15.16 Email sent from my BT address to my friend giving fake O2 password

Thanks if anyone can help

mm2 · ‎21-01-2024

Hi all, last week my btinternet email logged me out (again) and refused my password when I tried to log in

Being quite certain of my username/password I tried again ... and again ... and got locked out

Waited as instructed, and tried to reset the password using the one I knew to be correct. Surprise, surprise:

No answer from BT by phone, chat or Messenger ... but I did get a Messenger from a friend saying she'd received an odd email from my BT mail address, saying I'd changed my O2 password. Which I had not. Alarm bells!

I logged into my O2 account using the 'new' password and reset the O2 password.

Then I went back to BT and reset the password to a new one, with the ID check via my Outlook mail account which was unaffected.

The original BT and O2 passwords were completely different and my computer is protected by top-grade security software which does frequent, regular security scans, and blocks spyware/malware attempts.

The only link between BT and O2 is that my btinternet.com mail address is the registered email address with my O2 account, and the BT email app is installed on my phone, my phone service provider is O2. The only thing I ever use the mail app for is to share photos from the phone camera to my inbox so I can access them on my computers via the mail server, I do not send to other mail addresses or read incoming mail on my phone, the app is too slow and cumbersome. I do not use a mail client on my computer, I use webmail, Windows 10 and Chrome.

BT can't help and are saying security is my responsibility, as far as I can see I have done everything possible to secure my account so can anyone else help me find out how this breach happened, please?

Help!

BT email hacked