Telecom NZ says 22,500 Xtra email accounts hacked

By on
Telecom NZ says 22,500 Xtra email accounts hacked

Yahoo! 'assures' password changes kill spam.

Telecom NZ has conceded that some 22,500 users of its Yahoo! Xtra email customers have been hacked.

Users of the Yahoo! Xtra email service, operated by Yahoo! and open only to Telecom NZ subscribers, were targeted by hackers last weekend.

The service has attracted about 450,000 subscribers, of which five percent were affected.

Read: Choosing a good passw0rd

"Telecom, in conjunction with email provider Yahoo!, has identified that up to approximately five percent of Yahoo! Xtra email customer accounts have been sending malicious emails – most likely without the customer’s knowledge, after their email account was accessed," the telco said in a statement.

Some 50,000 subscribers have changed their passwords since accounts were compromised last weekend.

Yahoo! said attackers gained access to customer account email addresses but had "currently no evidence" that further information was compromised.

However, Telecom NZ is following up with customer reports that more data was accessed.

Yahoo! could lose its email outsourcing deal with the telco following the breach, according to a Telecom NZ spokesperson, who indicated the service may be pulled in-house.

Telecom NZ retail boss Chris Quin says Yahoo! "has given Telecom an assurance" that the spamming will stop if users change their passwords.

Hacked users won't have a choice however, as the telco kicks off a password refresh program. It will warn customers by email and phone, including 10,000 today.

“If customers are not able to personally change their password within around 24 hours of our notification, we have a contingency process in place which will require customers to change their password the next time they access their email account,” Quin said.

It urged any users who receive spam from contacts to send a new email to the victim asking them to change their passwords.

“We would like to thank the around 5000 affected customers who have changed their passwords in recent days. Yahoo! has assured us that malicious emails are no longer being sent from these accounts,” the telco said in a statement.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
data breach email phishing security spam xtra yahoo
In Partnership With

Most Read Articles

Telstra, Optus and Vodafone temporarily block websites after Christchurch attack

Telstra, Optus and Vodafone temporarily block websites after Christchurch attack
Telstra and Optus secure round four mobile blackspot sites

Telstra and Optus secure round four mobile blackspot sites
Govt to spend $220m on mobile, co-fund NBN area switches

Govt to spend $220m on mobile, co-fund NBN area switches
Coles quietly expands Uber Eats deliveries to essentials like bread, milk, Netflix

Coles quietly expands Uber Eats deliveries to essentials like bread, milk, Netflix
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

How Macquarie University has prepared for fire and flood
How Macquarie University has prepared for fire and flood
Guide to Fully-Composable Software-Defined Private Cloud
Guide to Fully-Composable Software-Defined Private Cloud
Is slow data silently killing your business? Here's why you should care.
Is slow data silently killing your business? Here's why you should care.
Cloud, AI, infosec: Is your IT strategy keeping up?
Cloud, AI, infosec: Is your IT strategy keeping up?
Australian business moves to a new cloud era
Australian business moves to a new cloud era

Events

Log In

Username / Email:
Password:
  |  Forgot your password?