Yahoo hack extended beyond Xtra
Yahoo has given its clearest assurance yet that people's actual emails were not opened and read during last week's hacking attack on Telecom's Xtra service, which is outsourced to Yahoo.
A spokeswoman indicated Yahoo had evidence that hackers only gained access to victims' email contacts, but said it could not disclose the nature of that evidence without compromising security.
Yahoo said some of its email accounts that did not belong to Xtra customers were also hijacked, but would not say when or provide numbers.
Those accounts had also now been secured, the company said.
Telecom spokeswoman Jo Jalfon said about three-quarters of the 80,000 customers whose Xtra accounts were hacked following the security lapse had now changed their passwords, securing their accounts.
Telecom believed the majority of the remainder were unused accounts that had been abandoned by customers before they were hacked and used to send out malware-infected messages to contacts.
Xtra accounts were no longer being used to send out scam emails and it was not aware of any fresh attacks on its customers that made use of information gleaned by the hackers, she said.
- © Fairfax NZ News