Spark has received high praise for warning its customers of a security breach that was not its own fault.
About 21,000 telco's users' details had leaked on the dark net after they used the same login details other sites.
Netsafe executive director Martin Cocker says Spark made a brave move in telling customers what happened.
"They should be commended for taking that step. They do risk consumers becoming confused and thinking that Spark is at fault."
Spark reset the passwords, saying fewer than 50 of the 21,000 had shown suspicious activity so far.
Mr Cocker says it highlights the importance of having multiple passwords.
"People are testing a password they find at one place with your login details on another site. If you have the same password, there's every chance they'll access that other site."
Mr Cocker says it's difficult for internet users to identify which sites may be weaker than others.
Spark told Newshub its security team regularly scours the dark corners of the internet to keep an eye out for things like this.
"This is good community citizenship on our behalf to take steps to make sure our customers have safe credentials," spokeswoman Ellie Cross said.
"If you're reusing your username and password across multiple sites, you're completely vulnerable."