Telecom says it has isolated Yahoo Xtra customers compromised by hack attack
Telecom is claiming a breakthrough with security problems suffered by its Xtra email service, hosted by Yahoo in Sydney.
The company is initiating a password change programme to fix problems with compromised Yahoo Xtra customer email accounts.
Telecom, in conjunction with Yahoo, has identified that up to approximately 5% of Yahoo Xtra email customer accounts have been sending malicious emails, most likely without the customer’s knowledge, after their email account was accessed, the company says.
"It's great to be making progress on the effect of this and we are sorry for the hassle this has been. As soon as we have helped our customers remove the issue we can focus on the review and what customers really need from email over Telecom Broadband."
Yesterday, Mr Quin hinted Telecom's email review could lead to Yahoo being dumped.
Yahoo has informed Telecom that there is currently no evidence to support reports that access has been gained to any user information beyond email addresses within a customer’s account; however, Yahoo continues to monitor the situation. Telecom is in continuing dialogue with Yahoo based on individual customer feedback it has received in relation to such concerns.
Telecom CEO Retail, Chris Quin, says Yahoo has given Telecom an assurance that changing customer passwords stops these accounts from sending malicious emails.
“We would like to thank the around 5,000 affected customers who have changed their passwords in recent days. Yahoo! has assured us that malicious emails are no longer being sent from these accounts.”
Telecom will shortly commence a process of progressively contacting the remaining affected customers and asking them to change their password immediately.
To reach customers as quickly as possible, an email will be sent from Telecom to affected customers. The Telecom email will not contain any links, to avoid any fears by customers that it is another malicious email. Any email purporting to be from Telecom or Yahoo that encourages customers to follow an embedded link and enter their password credentials should be regarded as suspicious and should be deleted.
“Our aim is to manage the password change process as effectively as possible and make it easy for customers to complete the process online themselves at Telecom’s secure website,” says Mr Quin.
“If customers are not able to personally change their password within around 24 hours of our notification, we have a contingency process in place which will require customers to change their password the next time they access their email account. This process will be outlined in the email advice we are sending to our customers. However, we think it’s much better for our customers to regularly manage their password change process and we urge them to make this change as soon as they receive our email advice.”
Although the accounts of the vast majority of Yahoo Xtra customers have not been directly affected by this security breach, some of them may still be receiving malicious emails purportedly from one of their contacts. However, these customers should not face any security risk if they simply delete suspicious email.
Telecom encourages customers who receive such emails, apparently from a trusted contact, to get in touch with their contact and let them know their account appears to have been affected by a malicious attack and that they should change their password. They should not hit the reply button on the suspicious email but send a separate communication to their contact.
Telecom continues to recommend that, as good practice, all email customers change their password regularly, using a combination of letters, numbers and symbols. Passwords can be changed at www.telecom.co.nz/changepassword, where guidance on good password practice can also be found.
Mr Quin adds: “We appreciate that many Telecom customers use their broadband connection to access email, either via the Yahoo service or other email services and we want to assure them that they can continue to use their broadband connection with confidence regardless of the email platform they choose. As we announced yesterday, we are undertaking an urgent and comprehensive review of our approach to email service to best meet our customers’ needs.”