Telecom CEO Simon Moutter has ruled out compensation over the Yahoo Xtra security breach and phishing attack.
On a results conference call earlier today, Mr Moutter was asked if there would be any compensation credits.
He said there would not be any dished out (some pundits have suggested credit in the form of a month's free internet access).
Telecom was sorry about the incident, and Mr Moutter had talked directly with Yahoo's CEO. But cyber attacks were a fact of modern life, and Yahoo's webmail was a general service used by those beyond Telecom (although Telecom has branded it Xtra in its case).
Separately, Telecom has again sought to draw a line under the incident, saying its customers are no longer compromised.
On Saturday Telecom cancelled the existing passwords of approximately 87,000 accounts that were sending spam after a cyber attack. Since then more than 65,000 users have changed their passwords. The balance has been identified by Telecom as having been inactive for at least 90 days before the attack, the company says (see full statement below).
Mr Moutter sheepishly admitted he was one of those who clicked on a "phishing" link, leading to his contacts being scammed.
But some, including government-funded NetSafe and the Institute of IT Professionals NZ, are more worried about the separate, direct security breach of Yahoo's mail servers could have lead to address books and email being downloaded for use in a future attack.
A graphic example of the fact phishing emails weren't just sent from the accounts of people who clicked on rogue links: One NBR reader received an email sent from the account of Capital & Merchant Finance director Neal Nicholls, currently jailed with no internet access.
Telecom and Yahoo say there is no evidence that happened. The Institute has countered that there isn't any evidence that did not occur.
Time will tell.
Mr Moutter's comments about cyber attacks being a fact of modern internet life notwithstanding, Telecom has launched a review of its email partnership with Yahoo.
RAW DATA: Telecom statement
TELECOM CUSTOMERS NO LONGER COMPROMISED FOLLOWING CYBER ATTACK
Telecom’s Yahoo! Xtra active email customer base, whose accounts were compromised due to a cyber attack, have now changed their passwords.
On Saturday Telecom cancelled the existing passwords of approximately 87,000 accounts that were sending spam after a cyber attack. Since then more than 65,000 users have changed their passwords. The balance has been identified by Telecom as having been inactive for at least 90 days before the attack.
Telecom CEO Retail, Chris Quin, says the majority of the users who were impacted made the changes required online by following detailed steps on Telecom’s website.
“We really appreciate the patience our customers have shown during what we know was a hugely stressful and inconvenient time for them. We share our customers’ frustration which is why we are conducting a thorough review of this situation. In the meantime, we continue to urge everyone to regularly change their passwords, not just those who have been impacted by this incident.”
All Telecom broadband customers receive a complimentary Yahoo! Xtra email account as well as other benefits such as a free Flickr Pro account for managing photos and video content.
Mr Quin says Telecom’s broadband customer base has remained stable despite the cyber attack and the team are working hard to ensure that does not change. “Most customers understand that their email and broadband account are not mutually exclusive.”
Yahoo! NZ general manager, Laura Maxwell-Hansen, says, ““Yahoo! places considerable focus on email security and we have and will continue to work hard to minimize the impact of cyber attacks.”
- Telecom has 450,000 broadband customers.
- Yahoo! Xtra email is offered free of charge to all Telecom broadband customers.
- The majority of compromised customers changed their passwords themselves, mostly online.
- The balance has been largely identified as inactive or infrequently accessed, meaning they had not accessed their email account for 90 days prior to the attack. These accounts will continue to have temporary passwords on them and the account holders will have to change their passwords before they are able to access the accounts.
- Telecom plans to contact those remaining account holders to ensure accounts are re-secured or closed.
- Yahoo! has assured Telecom that there has been no evidence that email accounts were accessed for any other reason than to send spam.
This article is tagged with the following keywords. Find out more about MyNBR Tags
- Parent, widow of Pike River casualties fail to force review of decision to drop charges against Whittall
- iPredict decision the work of 'officious aliens' – Crampton
- Joyce associates openly talking about leadership change
- Scentre Group to sell three Westfield malls to NZ firms for $549m
- High Court hears allegations over redacted report in Trends R&D funding case
Most listened to
- Tim Hunter on why Veritas is doing it the hard way
- Matthew Hooton on whether Steven Joyce will be the next national leader
- Rodney Hide on why all city planners should be fired
- Nevil Gibson discusses his latest Editor's Insight on films
- The NBR crew throw around some of the week's top stories
- Rob Hosking breaks down the political and economic week that was
- "A tragedy" - David Farrar on his disappointment with Simon Bridges
- New F&P product pipeline exciting, says Macquarie senior investment adviser Brad Gordon
- Taupo Motorsport Park executive director Tony Walker on the park's rebranding
- NZIER senior economist Christina Leung on why she does not think the OCR will hit 2%
- NBR's Cameron Officer talks about the NBR Car of the Year 2015
- John Barnett on Brewer: ‘Boy, has he got a bit to learn’