Some Telecom YahooXtra mail users locked out after more accounts compromised
Telecom's YahooXtra email service, hosted by Yahoo, was again compromised over the weekend.
Customers with hacked accounts had spam messages sent to their contacts.
Each affected customer is blocked from their account until they reset their password (Telecom has published a how-to here).
How many were hit? Telecom spokeswoman Lucy Fullarton told NBR, "we don’t have confirmed numbers and so don’t want to speculate. However, I can say that the numbers affected are significantly less than back in February."
Telecom and Yahoo are still trying to establish the root cause of the latest incident, Mr Fullarton says.
A large scale attack in February saw Telecom cancel passwords for around 75,000 of its 400,000 or so customers who use YahooXtra mail.
Another attack in April saw between 100 and 1000 accounts compromised.
In an April report following the February incident, Telecom outlined several changes, including a move from bespoke to Yahoo-standard mail infrastructure.
Today, a Yahoo rep updated NBR on that point,
This is a very complex project and we’re not in a position to give timeframes for completion.
However, it is important to note that the move to standardised infrastructure was about offering customers a more scalable and flexible platform, with greater redundancy than our previous setup, improving the reliability of the service.
It does not prevent SPAM attacks – although the move does help us to reduce the impact of SPAM attacks, as we are able to more quickly activate and deploy Yahoo global resources and technologies.