Human error is the root cause of password reset email sent to AA customers

UK car insurance company AA accidentally sent out a ‘password update’ email to its customers, the incident was caused by a human error.

UK car insurance company AA accidentally sent out a “password update” email to its customers, the messages led the motorists to log into the motoring organization’s website to change their passwords. The concurrent access of a so large number of customers crashed the AA servers, then its customers couldn’t access their profiles, believing their accounts were compromised by hackers.

In reality, the incident was caused by a human error, according to AA no passwords had been changed and people couldn’t access their account because the server was flooded with access requests.

The AA company reassured its customers by confirming that the change password messages were sent out for error.

In a first time, the company confirmed that something of strange was happening to its customers, the message it posted on Twitter led use into believing that its customers were targeted by a phishing campaign.

Further investigation revealed the password reset messages were triggered by an error made by an internal,

Summarizing, if you are an AA customers ignore the password reset message sent by the company.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – AA company, password reset)

[adrotate banner=”13″]