Windstream (Kinetic by Windstream) Webmail Hacked
(Tip: Everyone should look into their email filters, use a password manager and change their passwords often.)
If you have been a Windstream customer for the past few years, then you need to log into your email account using their webmail service to see if your account has been compromised. My parents have been using their Internet service long before it was Windstream. When they first got Internet service here in North Carolina it was VNET Internet, then it changed to CTC Internet, then Windstream, and now Kinetic by Winstream.
I have configured their Windstream email to work in Thunderbird Mail or to a bookmarked link to Windstream Webmail (https://webmail.windstream.net/). It recently started redirecting that link to the main windstream.net website. You now have to click the Email link in the upper right corner of their website.
It will redirect you to an auth-gateway.net website where you will be prompted to enter your Email Address and Password.
If you have an older email account you will be rerouted to www.windstreambusiness.net. Google Chrome will inform you that the security certificate is from web.garnet.synacor.com. Chrome will provide you with the message, "Attackers might be trying to steal your information from www.windstreambusiness.net (For example, passwords, messages, or credit cards).
It will then log you into your Windstream email account. I then clicked on Preferences and then the Mail Filters and I discovered someone hacked into the account and created filters to send email with certain criteria to the Email address [email protected]. That account belongs to someone from The Czech Republic.
I was able to remove the hacker's email and all of his/her filters added to the account, but I am unable to change the account password. Since the account has been compromised it is not safe.
I contacted Windstream on behalf of my mom, because she is 80 years old and she knows very little about computers and the Internet. She's just able to click links that I setup for her on her computer. The Winstream employee said that they could only help my dad because the account was registered in his name. They said my dad would have to provide them his social security number in order to prove he's actually the owner of the account. I told them that would be impossible because my dad died this past January 5, 2021. Then they hung up on me.
On Tuesday, June 15, 2021 I emailed [email protected] and explained how my mom's Windstream account was hacked. They responded on Thursday, June 18, 2021 and told me to contact their support at 888-292-3827.
I had my mom to call the tech support number and provide them with the information needed to prove she was the owner of the account. Then she explained to them that I would be the one explaining the problem to them. Well the lady from Windstream transferred my call to somewhere else. I was on hold a while and then some guy answered and had me to explain the problem. He first tried to say the instructions for changing an account password was on their website. I told him that was part of the problem. I said those instructions don't work because the website has been hacked. He told me that he would email the instructions to me. I asked him if he would temporary change the password with those instructions to prove they work and then send them to me so would know that I was capable of changing the password. He then told me that I would have to let him know my new password and give him my credit card number because it will cost $9.99 for him to change my password. I told him that I am not giving anyone the new password or credit card number. I told him that it sounded like he's a hacker trying to steal my new password and get my credit card details. I told him that my mom would be better off with a different Internet provider and then I hung up.
For the past few weeks my mom's Internet has been going out about three to four times daily. We would have to unplug her modem and let it set for a few minutes and then plug it back in. I don't know if the hacker is the reason for the dropped connection or just a terrible service since it's starting to get hot outside.
According to Have I Been Pawned the Windstream email address on my mom's account was part of the Cit0day security breach that exposed 226 Million email addresses and passwords. The hacked email address is not the user's fault, it is Windstream's fault because Windstream has been hacked.
If you are a Windstream user please go to the Have I Been Pwned (https://haveibeenpwned.com/) website to see if your Windstream email account was compromised. Please check any email that you use on that site to protect your information. I created a webpage called How Safe are Your Passwords? that helps explain how to protect your online email accounts.
Windtream account hacked Kinetic account hacked
June 18, 2021