Various news media are reporting that over 30,000 email accounts belonging to users of web based email providers such as Gmail, Yahoo! Mail, Hotmail and Aol (to name a few) have been compromised.  It is unclear yet as to the exact nature of the compromise.  Some reports state that the accounts were compromised by a phishing attack.  Others state, and some of the sources I have spoken to, state the accounts were compromised as the result of a trojan or keylogger software infecting the victims machines. 

Either way if you use a webmail based service you should change your password.  Also make sure you do not use the same password across different systems because if your email password has been compromised then those other systems could be accessed by the criminals.  If you are responsible for managing the security of your organisation then consider that some of your users may use the same password for their personal email and their corporate account.  You should monitor your access logs and if you detect any suspicious activity, such as logins from countries your users are not based in, then react accordingly.  The CyberCrime & Doing Time blog have a good post on the topic which analyses how they believe the attack may have happened.

I was interviewed by both the SiliconRepublic and RTE today on this issue

About the Author: bhimport

Let’s Talk

Please leave your contact details and a member of our team will be in touch shortly.

"*" indicates required fields