Member log in

Telecom says it has isolated Yahoo Xtra customers compromised by hack attack

Telecom is claiming a breakthrough with security problems suffered by its Xtra email service, hosted by Yahoo in Sydney.

The company is initiating a password change programme to fix problems with compromised Yahoo Xtra customer email accounts.

Telecom, in conjunction with Yahoo, has identified that up to approximately 5% of Yahoo Xtra email customer accounts have been sending malicious emails – most likely without the customer’s knowledge, after their email account was accessed, the company says.

"It's great to be making progress on the effect of this and we are sorry for the hassle this has been. As soon as we have helped our customers remove the issue we can focus on the review and what customers really need from email over Telecom Broadband"

Yesterday, Mr Quin hinted Telecom's email review could lead to Yahoo being dumped

Yahoo has informed Telecom that there is currently no evidence to support reports that access has been gained to any user information beyond email addresses within a customer’s account, however Yahoo continues to monitor the situation. Telecom is in continuing dialogue with Yahoo based on individual customer feedback it has received in relation to such concerns. 
Telecom CEO Retail, Chris Quin, says Yahoo has given Telecom an assurance that changing customer passwords stops these accounts from sending malicious emails.

“We would like to thank the around 5,000 affected customers who have changed their passwords in recent days. Yahoo! has assured us that malicious emails are no longer being sent from these accounts.”

Telecom will shortly commence a process of progressively contacting the remaining affected customers and asking them to change their password immediately.

To reach customers as quickly as possible, an email will be sent from Telecom to affected customers. The Telecom email will not contain any links, to avoid any fears by customers that it is another malicious email. Any email purporting to be from Telecom or Yahoo, that encourages customers to enter an embedded link and their password credentials should be regarded as suspicious and should be deleted.

“Our aim is to manage the password change process as effectively as possible and make it easy for customers to complete the process online themselves at Telecom’s secure website,” says Mr Quin.

“If customers are not able to personally change their password within around 24 hours of our notification, we have a contingency process in place which will require customers to change their password the next time they access their email account. This process will be outlined in the email advice we are sending to our customers. However we think it’s much better for our customers to regularly manage their password change process and we urge them to make this change as soon as they receive our email advice.”

Although the accounts of the vast majority of Yahoo Xtra customers have not been directly affected by this security breach, some of them may still be receiving malicious emails purportedly from one of their contacts. However, these customers should not face any security risk if they simply delete suspicious email.

Telecom encourages customers who receive such emails, apparently from a trusted contact, to get in touch with their contact and let them know their account appears to have been affected by a malicious attack and that they should change their password. They should not hit the reply button on the suspicious email but send a separate communication to their contact.

Telecom continues to recommend that as good practice, all email customers change their password regularly, using a combination of letters, numbers and symbols. Passwords can be changed at www.telecom.co.nz/changepassword where guidance on good password practice can also be found.

Mr Quin adds: “We appreciate that many Telecom customers use their broadband connection to access email, either via the Yahoo service or other email services and we want to assure them that they can continue to use their broadband connection with confidence regardless of the email platform they choose. As we announced yesterday, we are undertaking an urgent and comprehensive review of our approach to email service to best meet our customers’ needs.”

More by this author

Comments and questions
4

How can Telecom know how many are affected? We changed our password immediately on receiving the dodgy mail. This requires you to change passwords on all other devices using Wifi . We feel Telecom has no crisis management planning. Just hope for the best but make sure the shareholders are looked after.

This is rubbish. My account was clearly compromised on the yahoo servers - nothing to do with me as I hadn't used the account for months. Spam was sent to all the senders of mail to my in-box. This means that someone had access to my emails. I rang Telecom and had the account closed. I asked for a credit and they handed it out $10 no questions. They said they would close the account immediately. The next day the account was still active. I manually deleted all the mail in the account. The xtra mail service can't be trusted, is clearly not confidential, and imho is best avoided. I don't think Telecom and Yahoo are being very transparent about the extent of the problem and in particular the fact that the security of their service has been completely compromised.h

"...To best meet our customers needs."
Yeah right they should have told them to change their email address as well. Now all those infiltrated emails are going to be used for spam. Good one telecom!
It must be great to get paid for bullsh*t.

I've gone to check my emails and it's asking for my password, which it normally doesn't, and when I try to put it in it's not accepting it. So I then go to change my password but it requires my old passsword to make a new one so I can't access that either! How am I supposed to change it when it's not recognising me. I don't have two hours free to wait on the phone for help. This is a joke!