Another wave of hacked Yahoo/Xtra mail accounts?

Forums › Spark New Zealand (including Skinny and BigPipe) › Another wave of hacked Yahoo/Xtra mail accounts?

1 | 2 | 3 | 4 | 5

20164 posts

Uber Geek

#944819 3-Dec-2013 15:37

DigiDog:
mattwnz: I don't think you should need to change your password regularly either, if it is a strong one with upper and lower case characters and numbers.

I agree that Yahoo shouldn't be allowing these hacks to continue and that Xtra need to step up to the plate and ideally sever ties with them. But no matter how strong your password may be, if the bad guys have a copy then you're buggered and changing your password is essential and urgent.

I think they need to tell people not to use the password for anything else, as if they are getting access to your password via yahoos system, they could access everything else too that uses that password too. My old password is also used for my telecom broadband connection/ MyTelecom, as it was my primary xtra email account, but I haven't changed that (yet) They haven't told customers (yet) if they need to change that too, as I suspect many people will use the same passwords in order to remember them.
My password was pretty difficult anyway, so I wonder if changing it to something even hard is going to make any difference. I wasn't affected by the last hack earlier in the year, only this one.

k1wi

484 posts

Ultimate Geek

#944822 3-Dec-2013 15:46

It'd be interesting to see whether the malicious logins are infected computers/botnet, masking the identities of the real hackers. My money would suspect so.

mattwnz

20164 posts

Uber Geek

#944823 3-Dec-2013 15:49

k1wi: It'd be interesting to see whether the malicious logins are infected computers/botnet, masking the identities of the real hackers. My money would suspect so.

The problem is the lack of information. People can only speculate. The telecom website says very little.

nunz

1421 posts

Uber Geek
Inactive user

#944842 3-Dec-2013 16:22

mattwnz:
DigiDog:
mattwnz: I don't think you should need to change your password regularly either, if it is a strong one with upper and lower case characters and numbers.

I agree that Yahoo shouldn't be allowing these hacks to continue and that Xtra need to step up to the plate and ideally sever ties with them. But no matter how strong your password may be, if the bad guys have a copy then you're buggered and changing your password is essential and urgent.

I think they need to tell people not to use the password for anything else, as if they are getting access to your password via yahoos system, they could access everything else too that uses that password too. My old password is also used for my telecom broadband connection/ MyTelecom, as it was my primary xtra email account, but I haven't changed that (yet) They haven't told customers (yet) if they need to change that too, as I suspect many people will use the same passwords in order to remember them.
My password was pretty difficult anyway, so I wonder if changing it to something even hard is going to make any difference. I wasn't affected by the last hack earlier in the year, only this one.

it depends on how the heck is done. If the hackers have managed to compromise yahoo backend systems and if they have been able to get hold of the hash of your password then it doesn't really matter how big or long as they have got a copy it and can use it using a different type of attack.
Ii have just been through the process of changing almost all of my passwords so that every password for every site and every login and every customers different. Like most people i do not have an absolutely fantastic brain for remembering the 200 300 passwords i need so i'm using keepsafe an open source products that works off a pen drivve and uses two systems of authentication. . I now have a key on a pen drive and i now have a password and together a l l my password file to be opened and used. My password is now gone beyond the 12 character range and using uppercase lowercase symbols blah blah blah blah blah
on a linux system you can implement iptables that say if you had 3 failed attempts and password the new a locked out for a minute. This means that dictionary a texan similar will fail because it takes way too long to get 3 attempts per minute. We also been ssh and similar connections exit from very specific locations. We have explicitly excluded loggins from lots of dodgy places. My apologies to georgia ukraine armenia greece afghanistan nedlands etco etco but we have band you from logging into a service. The only alternative to that is vpn or very specific exemptions for very specific customers.

Abo

78 posts

Master Geek

#944931 3-Dec-2013 19:03

So when are Telecom going to ditch yahoo...

raytaylor

4017 posts

Uber Geek

Trusted

#944951 3-Dec-2013 20:19

Abo: So when are Telecom going to ditch yahoo...

They wont.
Yahoo will assure (pay telecom lots of money) them again that it wont happen again and their top engineers are working on fixing the hole.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

jlittle

188 posts

Master Geek

ID Verified

Subscriber

#944994 3-Dec-2013 21:57

Is this recent flare-up a product of a fresh hack of the Yahoo servers, or are they using a further batch of cracked passwords for accounts they obtained previously?
To answer this, does anyone know of a Yahoo account that had its password changed after the previous hacks, that has now been compromised again?

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

1eStar

1604 posts

Uber Geek

#945047 3-Dec-2013 23:24

I think this might be a fresh yahoo attack. I have never had any xtra affiliation and my two yahoo accounts had login attempts from a california ip in the early hours of this morning. I don't think my accounts have been accessed or sent any spam, but there's been some sort of attempt that yahoo has blocked.

mattwnz

20164 posts

Uber Geek

#945052 3-Dec-2013 23:38

1eStar: I think this might be a fresh yahoo attack. I have never had any xtra affiliation and my two yahoo accounts had login attempts from a california ip in the early hours of this morning. I don't think my accounts have been accessed or sent any spam, but there's been some sort of attempt that yahoo has blocked.

There doesn't seem to be any news able yahoo accounts being hacked on googles news. I can only see ones about YahooXtra.

Ragnor

8222 posts

Uber Geek

Trusted

#945067 4-Dec-2013 04:45

jlittle: Is this recent flare-up a product of a fresh hack of the Yahoo servers, or are they using a further batch of cracked passwords for accounts they obtained previously?
To answer this, does anyone know of a Yahoo account that had its password changed after the previous hacks, that has now been compromised again?

Mostly the same problem as before ie: XSS (aka cross site scripting)

http://en.wikipedia.org/wiki/Cross-site_scripting

http://www.computerweekly.com/tip/Cross-site-scripting-explained-How-to-prevent-XSS-attacks

https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

MikeB4

18435 posts

Uber Geek

ID Verified

Trusted

#945076 4-Dec-2013 06:44

I can understand to a degree why they are not saying much to the media, however they should be upfront and honest with their customers. They should be communicating directly with all customers anything less feels like a middle finger salute.

The only info I have received is here and bits and pieces in the press and that falls way short of good customer relation standards.

lyonrouge

1993 posts

Uber Geek

Trusted

Lifetime subscriber

#945096 4-Dec-2013 08:25

Can anyone else actually change their password?

ps2jak2

54 posts

Master Geek

ID Verified

Subscriber

#945101 4-Dec-2013 08:39

The way I did it was to say I forgot my password at the http://xtramail.co.nz site as changing the password the normal way didn't work for me either.

savaii

54 posts

Master Geek

#945271 4-Dec-2013 11:49

ps2jak2: The way I did it was to say I forgot my password at the http://xtramail.co.nz site as changing the password the normal way didn't work for me either.

Yeah the usual way (changing from a known password to a new one) doesn't seem to work. Its as if my password had been reset remotely...however I have not been able to get official confirmation if this is the case or not.

1101

3122 posts

Uber Geek

#945274 4-Dec-2013 11:55

I just found out my a/c is also compromised.
My email hasnt been sending out spam, as far as Im aware, yet was hacked into on Dec1

So I advise EVERYONE with an extra email a/c, even if you dont use it ....
check if someone else had logged onto your email a/c
https://api.login.yahoo.com/login/history

change email password
http://www.telecom.co.nz/changepassword

then go & clean out your webmail. It can no longer be considered secure.
My advice: go into webmail, delete all saved/autosaved contacts, delete all saved sent emails, delete everything in there , clean it out completely.
If you need a copy of all emails in your webmail, download them all into Outlook/thunderbird & use that as a saved copy.

Why the Silence from Telecom. They should be advising EVERYONE to check who has been logging into their email a/c recently.

1 | 2 | 3 | 4 | 5