UPDATE: A curious coda to today's Yahoo Xtra developments. A colleague at NBR got the above right error message about Yahoo Xtra being down for maintenance when he tried to check for new messages on his personal Yahoo Xtra account.
The error message persisted for several minutes. When he tried again this evening, he was able to get in.
I sent a copy of the error message to Telecom.
A spokeswoman replied: "We believe its a spoof as we sent some test messages which worked and Yahoo would advise us of any work which they have not."
Don't know about that one. If it was sent by a random person I would wonder if it was faked too. But it arrived from a someone I know at work, who's a serious-minded guy just annoyed he couldn't access his email (and the screen grab above is a crop of a larger screen shot).
And "spoofing" in the technical sense (one programme masquerading as another) makes no sense, given the account worked normally a few minutes later.
It sounds like there's probably a more common-or-garden explanation: more poor communication. Perhaps Yahoo failed to let Telecom know a scheduled outage was taking place - not good at a time when Telecom is formally reviewing its email options.
Another 1500 Telecom customers using its Yahoo Xtra email service have potentially "compromised accounts."
Passwords on all 1500 accounts have been summarily cancelled by Telecom. As with previous cancellations, customers are issued with a temporary password then asked to head online, or phone, to reset their account.
Telecom attempted to draw a line under its latest Yahoo Xtra problems on February 22 with a statement headed Telecom Customers no Longer Compromised Following Cyber Attack. It said passwords on all 65,000 affected accounts have been changed (passwords were also cancelled on a number of inactive accounts, taking the total number number of compromised accounts to 87,000).
But in comments after NBR ONLINE stories, and elsewhere, people continued to complain about a heavy number of spam messages from Yahoo Xtra accounts.
Today, Telecom said it has been alerted by Yahoo of 1500 potentially compromised accounts - up from the usually number of around 100 (Telecom has around 450,000 broadband customers in total).
Accounts can be compromised when a person sends on a malicious link in an email sent by a "phisher", or within an email from a person they know who has already been compromised.
But some, including government-funded NetSafe and the Institute of IT Professionals NZ, are more worried about the separate, direct security breach of Yahoo's mail servers, which happened at the same time as the February 9 phishing attack upsurge. This mail server breach could have lead to address books and email being downloaded for use in a future attack.
On this point, said today "Yahoo continues to assure Telecom that there has been no evidence that email accounts have been accessed for any other reason than to send spam."
Telecom did not immediately respond in detail on the question of whether the 1500 potentially compromised accounts revealed today could be traced back to the February 9 attack.
"It’s pretty clear that we will never see the end of these types of incidents given the global nature of spam and the increasingly sophisticated tactics of spammers and cyber criminals," a spokeswoman told NBR ONLINE.
This article is tagged with the following keywords. Find out more about MyNBR Tags
- Foreign Affairs Scope: Tensions rise over Russian action in Syria
- Zuckerberg pledges 99% of his Facebook shares to charity
- Scentre Group's shopping mall sell-off
- Kiwi business philanthropy small on cash, big on in-kind goods and services, sponsorship
- Fonterra not seen meeting its payout forecast despite latest GDT gain
Most listened to
- Should the government encourage space development? Helmore Ayers Lawyers consultant lawyer Dr Maria Pozza explains
- Forsyth Barr's Matthew Leach on why he expects Xero to drop from the NZX 10 index
- Education consultant Sharndre Kushor says Crimson Consulting’s new website is the “Netflix for educational achievement”
- Nathan Smith breaks down the latest foreign affairs news
- NZIER's Kirden Lees and Rob Hosking discuss changing how the Reserve Bank targets interest rates