Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

BP Chargemaster systems compromised?

This site may earn commission on affiliate links.
MrBadger

MrBadger

Badger out
Jun 17, 2019
11,199
8,797
Surrey, UK
#1
I got an email this morning supposedly from BP Pulse about spoof emails from their BP Chargemaster email address.

1616142515958.png


Anyone got similar and try the links at the bottom? Not 100% its genuine as I cannot see where the links take me so just being cautious. TBH I cannot actually remember signing up for BP Chargemaster unless its from Polar Instant. It is sent to an email alias that I do not widely use so one less likely (and recently confirmed) to be on any suckers lists. However recent widespread Microsoft Exchange Server compromises may have changed that.

Unfortunately I cannot check the links on phone without risk of opening active content and on PC I don't get the email body unless I again risk opening any active content.

If it is true, they have not helped themselves by sending the email with a browser view to what looks like a mailchimp

1616142039931.png
 
Last edited:
#3
I received this email too, never used BP Chargemaster/Polar. Although thinking about it, I may have signed up to the service as I went on a EV charging infrastructure signing up frenzy, to cover all eventuality of running out of charge when waiting for delivery of the my first EV, (totally unnecessary range anxiety issue I was dealing with at the time :) )
 
#4
It appears genuine. The email was sent to the email I used to register to ChargeYourCar.

The reports I’ve seen about the malware emails appeared to be sent to people who had reported faulty chargers and contained mention of chargers being reported, so it wasn’t some random scatter gun approach that just pretended to come from BP Pulse. It appears there has been a data leak, and it’s always disappointing to see the very guarded and rowing for shore response in the follow up email. Though not unusual. I’ve reported to companies when specific email addresses I’ve used with them have immediately started receiving concerning emails just after signing up with them, and they almost always immediately state it’s nothing to do with them, if they bother responding at all.
 
  • Like
Reactions: Durzel
#6
Yea, you don't inform the ICO on a phishing problem - this looks like something has been popped and some level of data comprised.

Suggest that if you re-use your charge your car or BP passwords you do a round of changing (and get a password safe).
 
  • Like
Reactions: Durzel
#8
Bantam said:
I received this email too, never used BP Chargemaster/Polar. Although thinking about it, I may have signed up to the service as I went on a EV charging infrastructure signing up frenzy, to cover all eventuality of running out of charge when waiting for delivery of the my first EV, (totally unnecessary range anxiety issue I was dealing with at the time :) )
Click to expand...
This right here.... Just what I did 😆
 
#9
Avendit said:
Yea, you don't inform the ICO on a phishing problem - this looks like something has been popped and some level of data comprised.

Suggest that if you re-use your charge your car or BP passwords you do a round of changing (and get a password safe).
Click to expand...
This.

Their email is a bit cagey, I would argue intentionally. As @Avendit said you don't inform the ICO if someone is sending phishing emails as you, as that happens all the time anyway.

Surely they are obliged to say what information has been compromised? There is a chance presumably of credit card information having been leaked?
 
#11
Durzel said:
This.

Their email is a bit cagey, I would argue intentionally. As @Avendit said you don't inform the ICO if someone is sending phishing emails as you, as that happens all the time anyway.

Surely they are obliged to say what information has been compromised? There is a chance presumably of credit card information having been leaked?
Click to expand...
I think the GDPR timeline saying that -something- has been compromised trump having a full understanding of the situaion before sending that email (as people used to use this as a result to essentially never send the email). Hopefully more details to come.

If there was even a hint of CC info I would hope they would have said more, but its on the system so it has to be a possibility. Just down to how they were storing and accessing them and how well the backend was designed.
 
  • Like
Reactions: Durzel
#13
Haydj said:
Out of curiosity, because I don't know what one is, what is the problem with a "mail chimp"???
Click to expand...
It's just a popular bit of software for managing marketing mailing lists and so on. But it hides the true destination of a link (so the marketing people can count how many people clicked something then bounce you on to the content you wanted). But it makes it impossible for you to evaluate if the link is safe to click or not.

Sooo, bet to junk the email 😁
 
  • Like
Reactions: MrBadger
You must log in or register to reply here.

Similar threads

MrBadger
BP Pulse account administration?
Replies
11
Views
2K
The UK and Ireland
MrBadger
MrBadger
danny
  • Sticky
  • Article
TMC Website Tutorial
Replies
79
Views
54K
Site Feedback & Announcements
Solar Windman
S
Mr Miserable
  • Article
30 hour wait for recovery. Lessons learnt.
Replies
425
Views
58K
The UK and Ireland
Midnightsun
Midnightsun
T
20,000 mile USA road trip with a Model 3
Replies
18
Views
7K
Model 3: Driving Dynamics
Patranjo
Patranjo
jesselivenomore
Elon Musk vs. Short sellers
Replies
741
Views
311K
TSLA Investor Discussions
winfield100
winfield100
Top
Back
Blog
New
Forum list
Marketplace
Menu