Telecom Continues to Urge Customers to Change Email Password
27 February, 2013
Telecom Continues to Urge Customers to Change Email Passwords
Telecom is continuing to urge Yahoo! Xtra customers to change their passwords after confirmation from Yahoo! of an increase in the usual volume of compromised email accounts.
As has previously been announced, approximately 87,000 Yahoo! Xtra email accounts (out of 450,000 total accounts) were compromised as part of a cyber attack which began on 9 February. The accounts were being misused by spammers to send malicious emails to contacts of the account holder without their knowledge.
Yahoo! continues to assure Telecom that there has been no evidence that email accounts have been accessed for any other reason than to send spam.
Over the past two days, Yahoo! has identified approximately 1500 additional accounts as being potentially compromised by spammers. While this is higher than usual, on any given day up to 100 accounts are tagged as compromised (due to a range of factors such as the account holder clicking on a malicious link, having poor email security etc), the reality is that this issue is now a fact of life given the global nature of the internet and the increasingly sophisticated tactics of spammers and cyber criminals.
Telecom has moved immediately to cancel the passwords of the additional compromised accounts. Affected customers will need to log back into their email accounts and change their passwords before they can continue using their accounts. Emails will still be received while their accounts are locked but they will not be able to send until they change their password.
Telecom will continue to proactively cancel the current passwords of any Yahoo! Xtra email accounts it believes to have been compromised as an ongoing precaution.
Experience to date has shown that cancelling the passwords of compromised accounts stops them being misused to send spam.
Over the past fortnight, approximately over one third of the Yahoo! Xtra customer base have changed their passwords since 9 February 2013 either voluntarily or after having their accounts temporarily locked by Telecom.
Telecom encourages customers to create strong unique passwords and to not use the same password for other online accounts including Facebook and banking.
The cause of the original Yahoo! Xtra email security breach remains the subject of ongoing investigation by Yahoo!
more information on how to change your Yahoo! Xtra password