Widespread Email Compromise at Yahoo/Xtra

Forums › Spark New Zealand (including Skinny and BigPipe) › Widespread Email Compromise at Yahoo/Xtra

1 | ... | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

1065 posts

Uber Geek

#764125 18-Feb-2013 12:45

I suspect they failed to check for sub accounts in whatever automated script they ran as well, ie my parents main email account got locked and my personal sub account didn't despite both being compromised.

plambrechtsen

1948 posts

Uber Geek
Inactive user

#764127 18-Feb-2013 12:50

pegi: I've done all that but the message keeps popping up. I will keep an eye on it... :-)

I think Yahoo keep on poping that Captcha up if it's noticed any untoward requests against your account.

Feel free to email me pl at telcom.co.nz with your xtra email account and I can check it out.

Plus it would be worth checking ALL your devices such as iPhones / iPads or other mail clients as the iDevices being the worst offender that have a tendency to keep on locking your account if they haven't been updated and are still trying to POP mail but using the wrong password.

plambrechtsen

1948 posts

Uber Geek
Inactive user

#764131 18-Feb-2013 12:53

loceff13: I suspect they failed to check for sub accounts in whatever automated script they ran as well, ie my parents main email account got locked and my personal sub account didn't despite both being compromised.

I would really like to know this sort of information. We locked both Primary & Sub accounts which were listed as compromised by Yahoo and I have the master list. If there are accounts that fall outside this I would like to know and check them. Please email me pl at telecom.co.nz with any details and even better if you have any sent spam with full mail headers that would be a huge help.

Oblivian

7296 posts

Uber Geek

ID Verified

#764160 18-Feb-2013 13:55

Checked my 14+yr old xtra acct spam bin today paul, got 2 filtered from the 16th into it from an @xtra.co.nz and an @yahoo.nl with different subject but apparently the same text along the lines of "you probably haven't heard about this yet..."

Want those for analysis?

regius

38 posts

Geek

#765375 18-Feb-2013 20:25

I'm at my wits end! How can I possibly change my Yahoo/Xtra mail password using the Telecom suggested online method when the first requirement is to input "user name" and "password" when my password has been deleted by Telecom?
Perhaps I'm thick.
Can anyone help so that I can get into my Yahoo/Xtra email account again as the first step in changing to Gmail. Thanks in anticipation.

Oblivian

7296 posts

Uber Geek

ID Verified

#765384 18-Feb-2013 20:39

Visit webmail.xtra.co.nz login with username and old PW and it will force a change.

regius

38 posts

Geek

#765403 18-Feb-2013 21:18

Unfortunately this does not work.
It may be something to do with my Xtra email user name which was allocated to me when Xtra was first launched where the format was "xtrxxxxxxxx@xtra.co.nz" (where x = a digit), not "joe.blogs@xtra.co.nz" as it is now.
Any other suggestions other than wait for hours on the phone in the vain hope of a connection with an homo sapiens.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#765415 18-Feb-2013 21:32

Just received from Yahoo!

Yahoo! is continuing to work with Telecom to ensure Yahoo! Xtra mail accounts that were compromised last weekend have been secured and its in-depth investigation into the circumstances surrounding this issue is on-going.

“There is a lot of misinformation around what may have caused this vulnerability in the Yahoo! email product and the type of information that may have been compromised. There is currently no evidence to support reports that access has been gained to any user information beyond the customer's email address book or that this issue is related to any issues overseas, although we continue to investigate this,” say Laura Maxwell-Hansen, GM Yahoo! New Zealand.

Yahoo! has been in regular communication with Telecom since the issue arose to help ensure an effective resolution.

The approximately 20% of Telecom email customers whose accounts were compromised, have been secured via an automatic prompt to re-set their email password.

Users are urged to change current email passwords immediately on their computer, mobile devices and tablets - using a combination of letters, numbers and symbols. Additionally, it is also recommended that users review their security settings and ensure their password and virus protection software is up to date.

Yahoo! Xtra customers can visit Telecom's website, www.telecom.co.nz, as well as Yahoo! NZ, for assistance about how to secure their email.

mattwnz

20141 posts

Uber Geek

#765449 18-Feb-2013 22:08

Perhaps Yahoo should detail exactly what has been the cause of the problem, if there is so much information going around. I have yet to hear what is definitely the cause of the problem.

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#765463 18-Feb-2013 22:10

I asked them now, let's see if I get an answer...

greven

30 posts

Geek

#765470 18-Feb-2013 22:15

Are the reports of unused accounts being compromised false then? It is obvious that it wasn't a phishing attack, but beyond that, only Yahoo can tell us with any certainty what did happen.

hairy1

3332 posts

Uber Geek

ID Verified

Trusted

Lifetime subscriber

#765572 19-Feb-2013 08:56

greven: Are the reports of unused accounts being compromised false then? It is obvious that it wasn't a phishing attack, but beyond that, only Yahoo can tell us with any certainty what did happen.

Hmmm. You may be assuming too much there. Based on the information coming out of Yahoo I wonder if they have any idea what actually happened!

My views (except when I am looking out their windows) are not those of my employer.

plambrechtsen

1948 posts

Uber Geek
Inactive user

#765579 19-Feb-2013 09:04

If people can't remember their "xtr" account send me an email pl at telecom.co.nz and I can investigate.

Oblivian

7296 posts

Uber Geek

ID Verified

#765593 19-Feb-2013 09:27

Funny. It has to be more indepth than a phishing link allowing things to happen with browser cookies for sure.

As per my previous screenshot, my 7Seven (yahoo australia) based account I use for purely for a profile on the likes of V8 Supercars and yahoo groups shows access from India (I've not used an indian based proxy at all). When I don't use it for email.

Yet my 15+yr old Xtra one does not show anything like this. Both have 0 users in the online address book, since I simply don't use it. But my xtra one does have sent messages I've done when abroad.

Xtra one has not prompted me for a PW change, or have I had a notice email from TC requesting a PW change as being compromised. Just delayed responces of backlogs up till the 16th comming in bursts. (although the Y! mail reader on my droid did ask for my credentials but may have been the recent version upgrade)

pegi

37 posts

Geek

#765595 19-Feb-2013 09:34

plambrechtsen:
pegi: I've done all that but the message keeps popping up. I will keep an eye on it... :-)

I think Yahoo keep on poping that Captcha up if it's noticed any untoward requests against your account.

Feel free to email me pl at telcom.co.nz with your xtra email account and I can check it out.

Plus it would be worth checking ALL your devices such as iPhones / iPads or other mail clients as the iDevices being the worst offender that have a tendency to keep on locking your account if they haven't been updated and are still trying to POP mail but using the wrong password.

I think I sorted it out. I changed the password on all my devices (or I thought I did) but I forgot about an email client that came with my Samsung tablet that had still old password and was trying to POP mail. Changing password there resolved the problem with Outlook popping up a message to check my password.

Thanks plambrechtsen for your help

1 | ... | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13