UPDATE: A curious coda to today's Yahoo Xtra developments. A colleague at NBR got the above right error message about Yahoo Xtra being down for maintenance when he tried to check for new messages on his personal Yahoo Xtra account.
The error message persisted for several minutes. When he tried again this evening, he was able to get in.
I sent a copy of the error message to Telecom.
A spokeswoman replied: "We believe its a spoof as we sent some test messages which worked and Yahoo would advise us of any work which they have not."
Don't know about that one. If it was sent by a random person I would wonder if it was faked too. But it arrived from a someone I know at work, who's a serious-minded guy just annoyed he couldn't access his email (and the screen grab above is a crop of a larger screen shot).
And "spoofing" in the technical sense (one programme masquerading as another) makes no sense, given the account worked normally a few minutes later.
It sounds like there's probably a more common-or-garden explanation: more poor communication. Perhaps Yahoo failed to let Telecom know a scheduled outage was taking place - not good at a time when Telecom is formally reviewing its email options.
Another 1500 Telecom customers using its Yahoo Xtra email service have potentially "compromised accounts."
Passwords on all 1500 accounts have been summarily cancelled by Telecom. As with previous cancellations, customers are issued with a temporary password then asked to head online, or phone, to reset their account.
Telecom attempted to draw a line under its latest Yahoo Xtra problems on February 22 with a statement headed Telecom Customers no Longer Compromised Following Cyber Attack. It said passwords on all 65,000 affected accounts have been changed (passwords were also cancelled on a number of inactive accounts, taking the total number number of compromised accounts to 87,000).
But in comments after NBR ONLINE stories, and elsewhere, people continued to complain about a heavy number of spam messages from Yahoo Xtra accounts.
Today, Telecom said it has been alerted by Yahoo of 1500 potentially compromised accounts - up from the usually number of around 100 (Telecom has around 450,000 broadband customers in total).
Accounts can be compromised when a person sends on a malicious link in an email sent by a "phisher", or within an email from a person they know who has already been compromised.
But some, including government-funded NetSafe and the Institute of IT Professionals NZ, are more worried about the separate, direct security breach of Yahoo's mail servers, which happened at the same time as the February 9 phishing attack upsurge. This mail server breach could have lead to address books and email being downloaded for use in a future attack.
On this point, said today "Yahoo continues to assure Telecom that there has been no evidence that email accounts have been accessed for any other reason than to send spam."
Telecom did not immediately respond in detail on the question of whether the 1500 potentially compromised accounts revealed today could be traced back to the February 9 attack.
"It’s pretty clear that we will never see the end of these types of incidents given the global nature of spam and the increasingly sophisticated tactics of spammers and cyber criminals," a spokeswoman told NBR ONLINE.
This article is tagged with the following keywords. Find out more about MyNBR Tags
- MARKET CLOSE: NZ shares fall, A2, Xero down as investors take profit
- Fonterra targets doubling of China revenue within five years
- Trilogy profit triples on candle and skincare growth
- UPDATED: Fonterra shareholders evenly split on shrinking board
- Financial advisers could still pocket commissions - options paper
Most listened to
- Trilogy International CEO Angela Buglass on tripling her profit
- Eroad CEO Steven Newman talks about his company's revenue increase
- What do the latest terrorism attacks in Mali and Israel mean? Nathan Smith discusses the latest foreign affairs news
- NZ Windfarms departing director Michael Stiassny speaks out after board exit
- James Mayo talks about SOS Hydration's growth plans after Snowball offer
- Michael Wood on whether he would run in Mt Roskill
- SAFE's Abi Izzard quizzed over protest of a caged hen operation at Pukekohe
- Nevil Gibson talks about Editor's Insight on the planned $US150 million merger between Pfizer and Allergan
- Taupo Beef’s Mike Barton on how to extract sustainable profit from farming
- Will the government lose on RMA reform? Rob Hosking outlines the PM's speech
- How could bookmakers recoup $16 million? Racing Board chief executive John Allen explains
- Nevil Gibson breaks down the latest aviation news