Telecom NZ temporarily cancelled 60,000 Yahoo Xtra email passwords at the weekend. The move follows ten days of spam messages swamping New Zealand in-boxes.
The biggest email outage New Zealand has seen.
Yahoo is the problem. Not just for the sloppy security which meant the Yahoo Mail site has a cross site scripting vulnerability.
That’s bad enough. But Yahoo lied about the fault. Then it hid the vulnerability’s seriousness both from partners like Telecom NZ and from end-users.
Yahoo repeated claimed to have fixed the problem. It hadn’t.
The company simply cannot be trusted. That leaves us with no alternative: dump everything Yahoo.
That means you and I should have nothing to do with Yahoo. It also means Telecom NZ needs to pull the plug. Telecom’s lawyers should already be pouring over any contracts. Telecom NZ needs a transition process for customers locked into to Yahoo Xtra mail accounts to disengage, the sooner that gets started the better.
Related articles
- Does Telecom NZ even need Yahoo? (billbennett.co.nz)
- Xtra email accounts compromised (stuff.co.nz)
- How safe is changed password? (homepaddock.wordpress.com)
Does anyone want to suggest a good migration tool that will email an (outlook) address book with change of address messages? Not for me you understand!!
That’s a good point, keeping track of business contacts is easy enough with thinks like Linkedin and Smartr – non-work ones are the worry.
Pingback: New Yahoo vulnerability | Solving Problems, with fun
Pingback: New Yahoo vulnerability | ECHO Solutions blog