DigiDog:mattwnz: I don't think you should need to change your password regularly either, if it is a strong one with upper and lower case characters and numbers.
I agree that Yahoo shouldn't be allowing these hacks to continue and that Xtra need to step up to the plate and ideally sever ties with them. But no matter how strong your password may be, if the bad guys have a copy then you're buggered and changing your password is essential and urgent.
I think they need to tell people not to use the password for anything else, as if they are getting access to your password via yahoos system, they could access everything else too that uses that password too. My old password is also used for my telecom broadband connection/ MyTelecom, as it was my primary xtra email account, but I haven't changed that (yet) They haven't told customers (yet) if they need to change that too, as I suspect many people will use the same passwords in order to remember them.
My password was pretty difficult anyway, so I wonder if changing it to something even hard is going to make any difference. I wasn't affected by the last hack earlier in the year, only this one.