Following the attack on the Yahoo Xtra service earlier this week (read about that here) some customers have actually followed advice and changed their passwords.
But what isn’t surprising, perhaps, is the fact that the number of password changes only represents a small proportion of all the accounts.
“We would like to thank the 50,000 customers who have changed their passwords since this issue first arose last weekend. However, we would like to see all our 450,000 Yahoo! Xtra customers change their passwords. Yahoo! has given Telecom an assurance that changing customer passwords stops malicious ‘spam’ emails being sent without the customer’s knowledge if their account has been compromised.”
Chris Quin, Telecom New Zealand
So thats a whopping 1 in 9 customers who have changed their password following a well publicised issue. And people wonder why security experts often go on about customer education and say how the end user is generally the weak point when it comes to security!
And this comes at a time when stuff.co.nz warn that,
“Scammers were phoning customers pretending to be from the company, offering to provide assistance to customers in changing their account passwords”
In the meantime Telecom will be emailing Xtra customers known to have been affected by the security breach. If they do not alter their account passwords within 24 hours then they will be forced to do so on the next occassion that they attempt to sign in. The first 10,000 affected customers will be receiving notification today.