Anyone who has been receiving obsessive password reset emails when they do not request password resets for their Koodo account should be seriously concerned. For months I’ve been intermittently receiving password reset emails, sometimes 4-5 per day that I do not request and yes they are from Koodo. I’ve contacted Koodo multiple times and they told me they were sent in error and to ignore them. Alas, I keep receiving them. Multiple times. I’ve changed my password 10-12 times now, just to be certain.
Today, I received an alarming email from Koodo, pasted below. I just want to make everyone aware that this has happened to me and to connect with Koodo if you’ve been receiving password reset emails incessantly. I’ve had to call Equifax to add a fraud alert to my credit file and will be cancelling my service with Koodo. This is totally unacceptable.
Dear (name removed for privacy):
We recently detected a security incident impacting your Koodo online account.
Koodo Security identified that a suspicious IP accessed your Koodo online account on or about July 3, 2023.
Login credentials can be compromised in different ways: you may have received a fraudulent call requesting your credentials, clicked on a malicious link, visited a suspicious website or had your credentials compromised on a different website.
What we have done:
We are continuing our investigation. It is possible that your account may be used to acquire devices or services fraudulently. If any fraudulent charges occur on your account, Koodo will reverse any charges.
What you can do:
1. Reset your online account password by going to koodo.com/selfserve. Click on the "forgot your password" link.
2. Do not use the same username/password for multiple sites.
3. Use strong and unique passwords for each of your accounts.
4. Monitor your accounts closely for suspicious activity.
5. Never share your online login password with anyone over the phone - Koodo will never ask you for this password.
6. Contact Equifax at 1-800-465-7166 and TransUnion at 1-800-663-9980, to add a fraud alert to your credit file.
7. Check your username and password on www.haveibeenpwned.com. This is a free security resource for anyone to use to see if their credentials were compromised in a previous online data breach.
At Koodo customer privacy is of the utmost importance to us. We are taking this matter very seriously and remain committed to protecting your privacy. We sincerely regret any inconvenience or concern this may cause and look forward to continuing to serve you in the future. If you have any further questions, please contact us toll free at 1-855-525-6636, Monday to Friday, 8:00 a.m. - 5:00 p.m. (MST/EST).
The Koodo Team