Please could MNHQ delete all PM inboxes of those on The List?

[boatsgoby]

My home address is in at least one of those inboxes, which obviously is now far from secure.

[SoupDragon]

I have a nice Select All button too. I think it might only do that page though.

Maybe use the desktop site rather than app or mobile site.

[SoupDragon]

One of the reasons it took so long for me to delete my own PMs is that I was saving stuff to Word as I went. Surely people on the list can do that?

Not if MNHQ delete them all as you suggest.

[Thurlow]

I don't want my PMs deleted. I was on the list, though with an email address. I'd be really, really pissed off if all my PMs just disappeared.

[GreyAndGoldInTheMeadow]

They can't do that if mn hq just barge in and do it for them though. I really would think of the people who were on the list that have sensitive info in their pm is fairly low. Of those people who do, most will have already taken steps to ensure their account is secure. The chances of someone logging into one of the accounts that don't fall into any of the previous groups and searching their pm's for random info really must be tiny.

[boatsgoby]

Well, MNHQ would give you notice, so you have time now, surely, to go through, copy what you want, and delete the rest? That's what I did, hence the length of time involved. Yes, it was some loss, and I would've preferred not to do it, but it seemed the safest option for me and for people I have PM'd.

[GreyAndGoldInTheMeadow]

But I don't have anything of any use to anyone in my pm's,. Hell I'd quite happily post the lot on a thread and they'd be of no interest even to anyone on here let alone a hacker, so why should I be forced by mnhq to delete them all.

[SoupDragon]

it seemed the safest option for me and for people I have PM'd.

What is there to be safe about?

99% of PMs do not include any sensitive information whatsoever.

[CoteDAzur]

How ridiculous. Has it occurred to you that some people might want to keep their PMs?

Delete your own PMs if that's what you want and ask MNHQ to delete the same in your correspondents' inboxes/outboxes.

[GreyAndGoldInTheMeadow]

Also I'd be surprised if the hacker had released details of all the affected accounts. I'd have kept some info back, the list seems to only show user names and passwords when its possible to log on with email address and password. I don't believe NOBOBY in the time they where gathering info logged on with an email address. I'd be more concerned about those who weren't on the list who are blithely going about their mnetting thinking they are safe.

[boatsgoby]

OK, I could do without the abuse. I'm leaving this thread now. People can think about deleting PMs and how to do it if they want to. I'm surprised some of you think it Ok for individual posters to bother MNHQ with individual requests, but whatever. I do think people on the list have a responsibility towards others, but clearly some disagree about thinking about others.

[scatterthenuns]

I'm on the list and don't want my PMs deleted either.

[YonicScrewdriver]

Boat

If you think there is still phishing going on then all PMs should be deleted and you should log off.

If you don't, those on the list will have all had pwd changes so are at no more risk than anyone else - either they've been read already or they haven't - more likely the latter.

[Thurlow]

What abuse? I thought posters were just saying that they wouldn't like their PMs deleted en masse.

[YonicScrewdriver]

By all I mean a universal delete across MN.

[YonicScrewdriver]

It's not abuse to point out practicalities.

[SurelyYoureJokingMrFeynman]

Woah, woah.

Stressful subject and everyone's het up right now. Not ridiculous to raise as a topic, and also not abuse to think through practicalities of different kinds of deletion.

for all the busy deleters.

[Gobbolinothewitchscat]

I'm totally confused now but I agree with the comment that all this deleting is a bit after the event plus there have been password changes

I don't really PM much and just use it as I would the boards - ie I don't swap personal details such as addresses. There is one poster who knows who I am in real life and I know who she is but I trust her entirely! That said, I'd usually use email to communicate with her.

It might be worthwhile going forward if posters swapped email addresses if they think they will be discussing anything very sensitive it want to swap addresses

[SuburbanRhonda]

To all those saying PMs shouldn't or don't contain personal information, on the school uniform thread earlier in the summer, where MNers were offering to send, post-free, used school uniform to anyone who had a need, there was a lot of exchange of information because people needed to know where to send things to.

Had we realised the site was about to be hacked, we would, of course have asked the recipient to delete the PM once the items had been sent and deleted it ourselves from our sent boxes.

One very kind poster from this thread let me know she was on the list and one of her PMs had my name and address in it. So all my PMs have been deleted and so have hers, but that won't be the case with everyone who was kind enough to donate on this thread.

[Simurgh]

I've deleted all my PMs including the Sent box. It was just a good wake-up call to do some extra housekeeping.

[bumbleymummy]

Please do NOT do this!!! I have had some lovely messages over the years and I do not want to lose them! I do not have anyone's personal addresses in my Inbox.

Is there a way to batch download PMs in case MN do decide to do this?

[ALassUnparalleled]

Oh dear I was on the List.

I don't store pms but I have sent one to a poster which had my real name and home address.

I can't even remember which poster and she may have name changed as it was a while back.

Really whether one was on the list or not shouldn't every one who has personal information about any other poster stored in an inbox delete it and save anything needed elsewhere?

It may of course be too late now- if he accessed in boxes he has the information and the site should not now be hackable but for the future maybe if a poster has shared real life personal information you should move it out of inboxes?

[JustineMumsnet]

@akkakk

boatsgoby
with the forced logout and the change of password - in theory, no one can log into any of those accounts any more, other than the genuine owner who has had a password reset sent to their home email address...

while the hack was live, anyone with access to the list could have logged in and read those PMs - however, it is unlikely they did / there is little evidence of any info from PMs being released / if they did, it is too late to ask MN to delete it now...

so, while I can understand your concern I am not sure that it will actually make any difference...

This is correct - thank you akkakk, for this and other helpful posts. We've zero evidence of any external access to user data after the first password update on Tuesday.

[ALassUnparalleled]

You don't actually know if he read or didn't read pms. The fact he has not disclosed information from pms doesn't mean he does not have that information.

You don't actually know if those on the list were all the accounts hacked.

All you do know is that every member now has a different password so the fairly small window of opportunity for him to access information is closed.