cancel
Showing results for 
Search instead for 
Did you mean: 

OpenSSL

Anonymous
Not applicable
Are o2 able to confirm that the Community website, the mobile o2 app and the o2.co.uk website are secure so that those who want to can change their passwords as recommended? ?
Message 1 of 29
2,685 Views
28 REPLIES 28

Anonymous
Not applicable
Surely customers should be warned about something as serious as this? I don't just mean O2 either, the only mention I've seen of it is on the Nationwide app which confirms they haven't been affected.
Message 11 of 29
1,180 Views

Anonymous
Not applicable

All affected systems were patched pronto, and there is no reason to believe that any data has been compromised. If you asked directly you would have got an answer, I suppose the company didn't want to potentially scare many users when there seems to be no immediate risk.

Message 12 of 29
1,177 Views

Anonymous
Not applicable
To be honest Kyle yes I agree a company like o2 would have moved quickly but this issue has apparently been known for up to 2 years so we don't know if or data or our passwords are protected or not
Message 13 of 29
1,175 Views

Anonymous
Not applicable
And of course not all companies have completed the upgrade yet so the Internet security experts are saying not to update passwords until the company you are dealing with have confirmed they have upgrade / closed the issue.
Message 14 of 29
1,172 Views

jonsie
Level 94: Supreme
  • 92921 Posts
  • 608 Topics
  • 6913 Solutions
Registered:

I have painstakingly been changing passwords all day but rest assured another 'leak' will occur again in the near future. Best option as suggested is to change passwords regularly. I do agree that all the large national companies should be displaying warning notices on their landing page.

Message 15 of 29
1,171 Views

Anonymous
Not applicable
I will be changing those passwords for those companies I have spoken to tomorrow.

Companies don't help themselves as by nor telling people then what do we do? Phone up.
Message 16 of 29
1,167 Views

anticpated
Level 30: Meditator
  • 3412 Posts
  • 164 Topics
  • 53 Solutions
Registered:

The thing is though, everyone knows and the expected action of potential hackers is they will monitor the data packets and even if you do change your password when the patch is not in place, then potentially your details are still are not secure as they should be.

I haven't changed any passwords yet.

Another risk is XSS (Cross Side Scripting) where your data is retransmitted to a 3rd party website/server without you being aware of it. NoScript for Firefox is a good way to keep tab of that.

Anyway it's not like there isn't already to contend with.

Samsung Galaxy S10, Samsung Galaxy S21 Ultra
Message 17 of 29
1,164 Views

Anonymous
Not applicable
Glad to see many share my thoughts that large companies should be telling their customers there is no reason why O2 couldn't have put a message on the sign in page even if there was no problem
Message 18 of 29
1,159 Views

Bambino
Level 84: Resplendent
  • 22943 Posts
  • 1022 Topics
  • 3662 Solutions
Registered:

Both Google and Yahoo were affected and have now patched. They never posted any notification of a problem, so it's not surprising that O2 didn't either.

I DO NOT WORK FOR O2



Funniest-Thread-2
Message 19 of 29
1,154 Views

Anonymous
Not applicable
Very true Bambino but I would have to add that their absence doesn't make it right. .... 😈
Message 20 of 29
1,141 Views