Member log in

Some Telecom YahooXtra mail users locked out after more accounts compromised

Telecom's YahooXtra email service, hosted by Yahoo, was again compromised over the weekend.

Customers with hacked accounts had spam messages sent to their contacts.

Each affected customer is blocked from their account until they reset their password (Telecom has published a how-to here).

How many were hit? Telecom spokeswoman Lucy Fullarton told NBR, "we don’t have confirmed numbers and so don’t want to speculate.  However, I can say that the numbers affected are significantly less than back in February."

Telecom and Yahoo are still trying to establish the root cause of the latest incident, Mr Fullarton says.

A large scale attack in February saw Telecom cancel passwords for around 75,000 of its 400,000 or so customers who use YahooXtra mail.

Another attack in April saw between 100 and 1000 accounts compromised.

In an April report following the February incident, Telecom outlined several changes, including a move from bespoke to Yahoo-standard mail infrastructure.

Today, a Yahoo rep updated NBR on that point,

This is a very complex project and we’re not in a position to give timeframes for completion.  

However, it is important to note that the move to standardised infrastructure was about offering customers a more scalable and flexible platform, with greater redundancy than our previous setup, improving the reliability of the service.

It does not prevent SPAM attacks – although the move does help us to reduce the impact of SPAM attacks, as we are able to more quickly activate and deploy Yahoo global resources and technologies.

Comments and questions

Going by the number of SPAM emails I received from Xtra email accounts, I would say this effected many thousands of customers.

That's it, I'm off to find a new ISP from today!
Total incompetence that has caused me countless issues of a legal nature.

Don't know why they have any customers. It just astounds me in this day and age..

Why is it that Telecom just does not learn from its mistakes. We had been having problems al day logging into to our account.

Why could Telecom not take the small courteous step of letting us know there was a problem.

This is not the fist, second or third problem we have experienced. It has happy many times.

Where is the compo for your aggrieved clients? How about spending less money on your CEO's pay package and bonus and more money on protecting your client's confidential information.

It's time to make changes at Telecom. It starts at the top. If the CEO can't recognise that there ar some fundamental issues that need a serious fix - it's time for the shareholders to dump the CEO - and without any golden handshake!

The first needs to be a caring and prompt service at the call centre - noboday appreciates being putting on hold for eternity.