Emailers shut out as chaos grows

Around 80,000 accounts hacked in YahooXtra security breach

Email woes continued for tens of thousands of YahooXtra customers at the weekend after they had their email passwords cancelled - and then many found it impossible to reset the information to gain access to their accounts.

Many angry and frustrated customers spent hours waiting on the phone to activate a new password. Others tried to use the recommended online reset option, but found the answers to their personal security questions rejected.

After a cyber attack starting on February 9, hundreds of thousands of spam emails were sent from YahooXtra customers' accounts, when hackers accessed about 80,000 account details.

About 20,000 account holders had reset their security by Saturday, but the passwords of the remaining 60,000 compromised accounts were cancelled at short notice by the internet provider.

The customers were then asked to change their passwords online or through Telecom's customer service line.

Despite putting on extra staff, Telecom admitted that many people had been forced to wait on the phone for several hours to change their passwords, due to extremely high call volumes.

Spokeswoman Jo Jalfon recommended customers reset their passwords online, to avoid long wait times, and to remember to change all of their accounts, including their cellphone and tablet email accounts at the same time.

"We apologise profusely for the inconvenience and any distress it has caused."

Not all of the spam links sent from people's accounts were harmful, she said, but some requested personal details including bank account and credit card information.

YahooXtra, which provides Telecom's email service, assured her it had isolated the affected accounts, and the remaining 370,000 were secure, Jalfon says.

Kelburn resident Ted Woodfield is considering changing his internet and email provider after Telecom's haphazard resolution of the hacking.

After noticing rogue emails were sent from his private email last weekend, Woodfield reset his password last week. Yesterday he was unable to access his account when his new password was among those cancelled.

Particularly frustrating is the online password reset system, which rejected his answers to the security questions. He tried three times to reach a Telecom customer service representative yesterday.

"I believed I responded in the appropriate manner and changed my email [password] . . . then five days later I find myself being shut off. It appears to be a consistent pattern of inadequacy."

A YahooXtra spokesperson says the email provider is continuing its investigation into the hacking. It is thought only customers' email address books had been accessed.