I have just had Spark confirm that if someone accesses the Live Chat on their website and has your NAME and DATE OF BIRTH, they can gain full access to your account, including being given new passwords for your email account.
I would have thought this is a pretty major flaw in that it seems awfully easy for someone to gain access to someones account. They did confirm if you specifically request it, you can get an additional password enabled in order to access account information. But most people won't have this or even be aware of it.
Is this me being paranoid, or is this a bit weak on behalf of SPARK?