Telecom has decided to continue using Yahoo as its email provider, under the YahooXtra brand, despite a major security breach earlier this year.
A survey has found users “rate the service highly” and intruders are becoming so clever that any alternative provider would be just as likely to be penetrated, says a statement from Telecom Retail CEO Chris Quin.
Quin reveals Telecom considered pulling out of providing an email service altogether. “We looked seriously at whether we should continue offering an email service at all, and the overwhelming feedback from our customers was that we should,” he says.
Quin says “a comprehensive review” of the service “showed email security is very much a global issue – it is by no means a problem limited to Yahoo.
“All email providers are engaged in a continuous battle against online crime and spam,” he says. “Yahoo, as one of the biggest global providers of email, is at the frontline of this battle - they block more than 600 billion spam messages a month. They’ve made it clear to us how seriously they take the overall security of their systems and our customers’ data,” he says.
Telecom is also looking at how it can “better cater” for customers who choose not to use YahooXtra, Quin says “This is particularly common amongst new customers, who usually come to us with an existing email account. While a YahooXtra account is available to all of our broadband customers if they see value in it, it is by no means mandatory for them to take it up.”
More than 80,000 accounts were compromised in the intrusion incident in February. The majority of those users heeded a call to change their passwords, but many needed help to do so, or found the process would not work; this jammed Telecom service lines, resulting in long waiting times. Telecom eventually resorted to cancelling the thousands of passwords that had not been changed.
“More than 200,000 customers have now changed their passwords, demonstrating a growing understanding amongst our customers of how to keep themselves secure online,” Quin says. “We encourage customers to change their passwords monthly as part of good online practice.”
Quin says as a result of the review, Telecom and Yahoo are taking steps to improve security and the customer’s interface with the YahooXtra service.
“In the short term, Telecom is working with Yahoo to implement a much simpler process for alerting customers whose accounts have been compromised and helping them re-secure those accounts. This will involve automatically directing customers to a webpage that advises them their accounts have been compromised and then steps them through changing their password, and making any necessary changes to their settings.
“We are also evaluating a solution that would see us move to Yahoo! standardised infrastructure, rather than the bespoke service they provide us with today. We believe this would offer a more robust and flexible platform, with greater redundancy than our current setup, improving the reliability of the service, and reducing the impact of any incident if something does go wrong.”