Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
1762 posts

Uber Geek
+1 received by user: 346

Trusted
Spark NZ

  Reply # 761766 13-Feb-2013 14:38 Send private message

Bung: The log in history is interesting. I have had no indication that anything was wrong, I've not had any odd email and so far none of my contact list have had anything supposedly from me but the history shows that the account was accessed from India on Sunday night.

The Indian login was flagged as suspicious but I wouldn't have known about it unless I'd been prompted to look by this thread. If it's flagged as unusual why can't Yahoo send an email to the account holder or give that as a choice?


Are you sure you haven't clicked on any suspicious links that were emailed to you?  If you ever went to a "work at home for free" web site accidently then you may have been impacted.

Feel free to email me pl at telecom.co.nz and I can look further, however if I suggest you change your password as an extra precaution.




I work for Spark, but as always my views are my own.

Awesome
4021 posts

Uber Geek
+1 received by user: 584

Trusted
Subscriber

  Reply # 761769 13-Feb-2013 14:43 Send private message

plambrechtsen:Are you sure you haven't clicked on any suspicious links that were emailed to you?  If you ever went to a "work at home for free" web site accidently then you may have been impacted.


I'm seen various reports from people who never even use their YahooXtra accounts being compromised, or people who have died and therefore not accessing their account being compromised.

This to me would indicate that hackers have been able to access accounts with no action at all by the account owner, yes?




Twitter: ajobbins

1458 posts

Uber Geek
+1 received by user: 82


  Reply # 761771 13-Feb-2013 14:53

@PL Password is reset.

Unlike many I get very little spam on my Xtra account and I'd like to think I'm far to old to open any.

I don't know if there's any correlation between possible user action and hack event but the Indian access came at the end of a 5 day stretch when we were away and not using the internet.

1 post

Wannabe Geek


  Reply # 761830 13-Feb-2013 16:37 Send private message

Hi...I've managed to change my xtra email pw but am now having trouble accessing emails on my phone. I've tried changing the pw in the account setting section but I keep getting messages to say that my username or pw is incorrect. Grrrrr. Any ideas anyone? 

BDFL
49999 posts

Uber Geek
+1 received by user: 4646

Administrator
Trusted
Geekzone
Subscriber

  Reply # 761871 13-Feb-2013 18:02 Send private message

Just received:


Telecom is initiating a password change programme to fix problems with Yahoo! Xtra customer email accounts that have been compromised by a recent cyber attack.

Telecom, in conjunction with email provider Yahoo!, has identified that up to approximately 5% of Yahoo! Xtra email customer accounts have been sending malicious emails – most likely without the customer’s knowledge, after their email account was accessed.

Yahoo! has informed Telecom that there is currently no evidence to support reports that access has been gained to any user information beyond email addresses within a customer’s account, however Yahoo! continues to monitor the situation. Telecom is in continuing dialogue with Yahoo! based on individual customer feedback it has received in relation to such concerns.  

Telecom CEO Retail, Chris Quin, says Yahoo has given Telecom an assurance that changing customer passwords stops these accounts from sending malicious emails.

“We would like to thank the around 5,000 affected customers who have changed their passwords in recent days. Yahoo! has assured us that malicious emails are no longer being sent from these accounts.”

Telecom will shortly commence a process of progressively contacting the remaining affected customers and asking them to change their password immediately.

To reach customers as quickly as possible, an email will be sent from Telecom to affected customers. The Telecom email will not contain any links, to avoid any fears by customers that it is another malicious email. Any email purporting to be from Telecom or Yahoo!, that encourages customers to enter an embedded link and their password credentials should be regarded as suspicious and should be deleted.

“Our aim is to manage the password change process as effectively as possible and make it easy for customers to complete the process online themselves at Telecom’s secure website,” says Mr Quin.

“If customers are not able to personally change their password within around 24 hours of our notification, we have a contingency process in place which will require customers to change their password the next time they access their email account. This process will be outlined in the email advice we are sending to our customers. However we think it’s much better for our customers to regularly manage their password change process and we urge them to make this change as soon as they receive our email advice.”

Although the accounts of the vast majority of Yahoo! Xtra customers have not been directly affected by this security breach, some of them may still be receiving malicious emails purportedly from one of their contacts. However, these customers should not face any security risk if they simply delete suspicious email.

Telecom encourages customers who receive such emails, apparently from a trusted contact, to get in touch with their contact and let them know their account appears to have been affected by a malicious attack and that they should change their password. They should not hit the reply button on the suspicious email but send a separate communication to their contact.

Telecom continues to recommend that as good practice, all email customers change their password regularly, using a combination of letters, numbers and symbols. Passwords can be changed at www.telecom.co.nz/changepassword where guidance on good password practice can also be found.

Mr Quin added: “We appreciate that many Telecom customers use their broadband connection to access email, either via the Yahoo! service or other email services and we want to assure them that they can continue to use their broadband connection with confidence regardless of the email platform they choose. As we announced yesterday, we are undertaking an urgent and comprehensive review of our approach to email service to best meet our customers’ needs.”




90 posts

Master Geek
+1 received by user: 20


  Reply # 761880 13-Feb-2013 18:40 Send private message

I just received yet another one of these emails. Timed 6.03pm 13/2. Thought telecom said they had resolved the problem? Guess not...

632 posts

Ultimate Geek
+1 received by user: 103


  Reply # 761886 13-Feb-2013 18:51 Send private message

Be nice if you could opt out of having an email address with Telecom

477 posts

Ultimate Geek
+1 received by user: 12

Trusted

  Reply # 761895 13-Feb-2013 19:03 Send private message

Some views on what has actually happened and what Yahoo! have been dealing with:

http://www.iitp.org.nz/newsletter/article/414?utm_source=email





4 posts

Wannabe Geek


  Reply # 761904 13-Feb-2013 19:06 Send private message

Also as a additional measure - check your:

Manage Apps and Website Connections

They might still be 'logged in' despite you changing your password, my advice would be to remove everything, then sign back into your phone etc as necessary

7376 posts

Uber Geek
+1 received by user: 408


  Reply # 761911 13-Feb-2013 19:27 Send private message

JamesL: Be nice if you could opt out of having an email address with Telecom


When I signed up recently, I don't think I got one by default. Although looking at my ADSL login, it is an xtra email address, so maybe they do. I have never used that xtra address though.

At least they didn't include links in the email, unlike some banks operating in NZ that still do.

1762 posts

Uber Geek
+1 received by user: 346

Trusted
Spark NZ

  Reply # 761989 13-Feb-2013 22:35 Send private message

If anyone does still get recent spam emails, I would appreciate them being forwarded and of course must include full headers to our team mailbox.  I am feeding them directly to yahoo and have received a few today.  But always (sadly enough) prefer to get a wider range if folks out there are still getting them.  Send them through to ort at telecom.co.nz.




I work for Spark, but as always my views are my own.

1762 posts

Uber Geek
+1 received by user: 346

Trusted
Spark NZ

  Reply # 761990 13-Feb-2013 22:39 Send private message

ORaven: Also as a additional measure - check your:

Manage Apps and Website Connections

They might still be 'logged in' despite you changing your password, my advice would be to remove everything, then sign back into your phone etc as necessary


FYI if you change your password via the telecom.co.nz /changepassword (link deliberately not included!) then all active sessions do get terminated (I've tested this!)  Typically it takes 10-15 seconds to process from when you hit go.  Can sometimes be a bit slow depending on the load.  But if you have 3-4 sessions open (which I have also tested) and wait that time then hit F5 you will be forced to login again from my tests.  This shouldn't be taken as Telecom official word, just from my tests.  But in the numerous times I have tested it in the last few days I have had 100% success with it.




I work for Spark, but as always my views are my own.

354 posts

Ultimate Geek
+1 received by user: 8


  Reply # 762154 14-Feb-2013 11:47 Send private message

nzaudrey17: Hi...I've managed to change my xtra email pw but am now having trouble accessing emails on my phone. I've tried changing the pw in the account setting section but I keep getting messages to say that my username or pw is incorrect. Grrrrr. Any ideas anyone? 


Try logging in via webmail (webmail.xtra.co.nz) using IE8+ or the latest versions of Firefox, Chrome, etc
There maybe a Captcha code that you need to action before it will work on your mobile, tablet, email client.




Current Phone:
- Android: Samsung SM-N9005 Galaxy Note 3
(XT)
- Win Phone 8: Samsung ATIV S
(XT)

Current Tab: Acer Iconia Tab A500

Twitter: qraider

BDFL
49999 posts

Uber Geek
+1 received by user: 4646

Administrator
Trusted
Geekzone
Subscriber

  Reply # 762347 14-Feb-2013 14:35 Send private message

Telecom sent this out now:


Telecom is urging its Yahoo! Xtra email customers who have not yet changed their password to do so as soon as possible to enhance their email account security following a recent cyber attack on the email service.

“We would like to thank the 50,000 customers who have changed their passwords since this issue first arose last weekend,” says Telecom Retail CEO, Chris Quin. “The vast majority of these customers have made the password change easily using our online tool.

“However, we would like to see all our 450,000 Yahoo! Xtra customers change their passwords. Yahoo! has given Telecom an assurance that changing customer passwords stops malicious ‘spam’ emails being sent without the customer’s knowledge if their account has been compromised.  It is also good practice to change passwords regularly.”

As announced yesterday, Telecom is initiating a password change programme, emailing those customers that Yahoo! has confirmed as having compromised accounts and asking them to change their passwords immediately. If they do not make the change within 24 hours, they will be required to do so next time they access their email.  The first batch of 10,000 affected customers will be emailed by Telecom today.

Telecom appreciates that many customers use their broadband connection to access email, either via the Yahoo! service or other email services and assures them that they can continue to use their Telecom broadband connection with confidence regardless of the email platform they choose.

Telecom announced earlier this week it is undertaking an urgent and comprehensive review over the next two months of its approach to email service to best meet customers’ needs. PASSWORD KEY POINTS: 
  • Passwords can be changed at telecom.co.nz/changepassword
  • Customers should use a strong, unique password, with a combination of letters, numbers and symbols, and change it regularly.
  • Customers using email clients (such as Outlook) or via smartphones or tablets will need to update them with their new email password. Instructions on how to do this can be found at telecom.custhelp.com and search for “email setup”.
  • Many customers whose email accounts have not been compromised may still receive malicious emails purportedly from one of their contacts. They should not face any security risk if they simply delete these emails.
  • Do not hit the reply button on suspicious emails but send a separate communication to your contact to tell them their account appears to have been compromised and that they should change their password. 






1467 posts

Uber Geek
+1 received by user: 95

Trusted
Subscriber

  Reply # 762361 14-Feb-2013 14:50 Send private message

I'm getting more and more agitated each time that I hear a call to change my password, I've tried their password changer so many times over the past week, I'm convinced that its borked or at least for my user profile. My password is accepted at every other Telecom/Xtra/Yahoo login but the password changer

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

Government Limos
Created by networkn, last reply by Bung on 31-Oct-2014 12:39 (94 replies)
Pages... 5 6 7


Got a good ol parking fine
Created by Lyderies, last reply by Elpie on 1-Nov-2014 20:46 (24 replies)
Pages... 2


How good is your general Science Knowledge?
Created by Aredwood, last reply by freitasm on 1-Nov-2014 18:38 (48 replies)
Pages... 2 3 4


Shutup and take my money (via NFC on my mobile phone)
Created by sxz, last reply by sonyxperiageek on 31-Oct-2014 22:34 (24 replies)
Pages... 2


OneDrive code giveaway - go!
Created by freitasm, last reply by PhantomNVD on 1-Nov-2014 10:31 (36 replies)
Pages... 2 3


Uber: a cheaper taxi ride?
Created by kingdragonfly, last reply by livisun on 31-Oct-2014 14:47 (34 replies)
Pages... 2 3


Sky will be 'upgrading software' of My Sky to connect to internet. What does that mean?
Created by Geektastic, last reply by TwoSeven on 1-Nov-2014 17:43 (30 replies)
Pages... 2


DDos Protection from ISP
Created by charsleysa, last reply by freitasm on 31-Oct-2014 12:11 (46 replies)
Pages... 2 3 4



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.