itb-nz logo
Story image

Telecom renews Yahoo Xtra commitment following breach

05 Apr 2013

Telecom has finished its comprehensive review of Yahoo Xtra email, concluding it must do better.

Following an awful February for the telco, the company vowed to investigate how over 60,000 Yahoo Xtra email passwords were breached, in an attack which caused uproar among Kiwis.

Yet Telecom announced today that it will continue to offer its Yahoo Xtra email service with Yahoo as its email provider.

But after receiving strong feedback from customers, the telco obtained a commitment from Yahoo that both would would work in unison to improve the customer experience of the service.

“What came through loud and clear was that customers put a lot of value on the Yahoo Xtra email service and rate it very highly," says Chris Quin, CEO, Telecom Retail.

"Many have used an Xtra address for a number of years and see it as an important part of their online identity."

As part of the review, Telecom carried out research with customers and potential customers on the importance of having an email service supplied by their broadband provider.

"We looked seriously at whether we should continue offering an email service at all, and the overwhelming feedback from our customers was that we should," Quin says.

“Of course there are those customers who use Telecom’s Broadband or Ultra Fibre services but choose not to have a Yahoo Xtra email address, and so we are also looking at how we can better cater for those customers in the future.

"This is particularly common amongst new customers, who usually come to us with an existing email account.

"While a Yahoo Xtra account is available to all of our Broadband customers if they see value in it, it is by no means mandatory for them to take it up."

Quin says the review showed that email security is very much a global issue in an attempt to diffuse the controversy surrounding the Yahoo Xtra breach.

“All email providers are engaged in a continuous battle against online crime and spam," he says.

"Yahoo, as one of the biggest global providers of email, is at the frontline of this battle - they alone block more than 600 billion spam messages a month.

"They’ve made it clear to us how seriously they take the overall security of their systems and our customers’ data."

Following the February incident, Telecom urged customers to improve their online security by changing their email password, and continuing to do so regularly.

“More than 200,000 customers have now changed their passwords, demonstrating a growing understanding amongst our customers of how to keep themselves secure online," Quin says.

"We encourage customers to change their passwords monthly as part of good online practice.”

As a result of the review, Telecom and Yahoo are now taking steps to improve both the security and the customer experience of the Yahoo Xtra service.

“In the short term, Telecom is working with Yahoo to implement a much simpler process for alerting customers whose accounts have been compromised and helping them re-secure those accounts," Quin says.

"This will involve automatically directing customers to a webpage that advises them their accounts have been compromised and then steps them through changing their password, and making any necessary changes to their settings.

“We are also evaluating a solution that would see us move to Yahoo standardised infrastructure, rather than the bespoke service they provide us with today.

"We believe this would offer a more robust and flexible platform, with greater redundancy than our current setup, improving the reliability of the service, and reducing the impact of any incident if something does go wrong.”

Telecom also looked very seriously at whether it should continue to partner with Yahoo at all following the breach.

Discussions were held with the Yahoo CEO and senior executives and with other large international telcos who, like Telecom, use Yahoo as an email service.

“After a thorough review of our partnership with Yahoo, we have decided that continuing this partnership is in the best interests of our customers," Quin says.

"We are confident that Yahoo! are as committed to improving the customer experience of Yahoo Xtra email as we are and with 400,000 customers using the Yahoo Xtra service regularly, any decision to change the service has significant implications and could not be undertaken lightly.

“While the reality of today’s online world means that future security incidents cannot be entirely avoided, we will continue to take constant steps towards mitigating risks and improving the experience of our customers.

“Our review is not the end of this chapter.

"We’ll continue to work closely with Yahoo to monitor issues, and ensure that any potential risks are mitigated so that we can deliver the best overall experience for our customers.”

Does Telecom's review offer you confidence that the breach won't happen again? Tell us your thoughts below