Sky users forced to reset passwords after credential stuffing attack

Sky Broadband customers prompted to reset their passwords due to a possible data breach

Users prompted to reset their passwords as Sky takes precautionary measures in data protection.

In the email sent out to customers, Sky is recommending its customers to visit their official website and call the provided phone number to unlock their Sky accounts.^[1] The company has reset them, and they need to take a series of steps to get back to their emails. According to the officials, these are precautionary security measures only.

The email sent out to customers is stating:

At Sky, we take the security of your data and information extremely seriously. To help keep your account safe we have reset the password for your Sky account.

As Sky support reports, the event that happened last week is the reason why the company has locked users out of their accounts.^[2] Sky hasn't made more notes about the particular incident or when it took place. However, it has stated that accounts were locked, not breached. This is merely for managing good passwords and keeping users' accounts safe, as the officials claim. Other researchers believe that this account locking was taken into consideration due to the credential stuffing attack.^[3]

Hackers accessed some Sky email accounts even before this account reset

It is believed that the issue of data security has been taken seriously because of the attack involving credential stuffing last month. This incident involved sky.com email provider Yahoo, which was subjected to a huge data breach back in 2014, and the information was disclosed in 2016.^[4] During this attack number of email accounts got accessed by an unauthorized hacker.

This was an automated process known as credential stuffing when usernames and passwords collected during breaches and obtained via phishing campaigns go through the system to find a potential match, with the intention that people use the same logins for more than one account. When this took place, customers were contacted by Sky and got their IDs and passwords reset. Unfortunately, back in 2018, we reported another data leak regarding the Sky Brasil when database ElasticSearch, now well-known as unsecured, was accessed.^[5]

Many questions raised about the cybersecurity after the password reset emails

As the company said this password reset shouldn't be taken too seriously, because to keep customers, and their accounts safe the Sky does this from time to time and encourages users to do that more often. However, different members of the support team have different statements, according to customers on social media. Some of them remain stating that this is for “good password management,” but some of them answered the question with “to keep customer account safe after the incident that happened last week.”

It remains unclear what causes this step exactly. However, researchers that reported this issue all state that it shows how badly the company handles particular matters. There is a need for the statement from the Sky with details and better communication with customers who are being asked to reset their passwords out of the blue.

Everyone regarding the company should be noted and state the same information when there is a particular reason behind these actions. How many customers got these emails with encouragement to reset their passwords still remain unknown, but it is clear that not all Sky customers received such notifications.