AOL Breach Puts Users' Personal Info at Risk
AOL today said it is 'investigating a security incident' that likely led to a recent increase in incidents of email spoofing.
The breach 'involved unauthorized access to AOL's network and systems,' AOL said in a statement, which put email addresses, postal addresses, address book contact information, encrypted passwords, and encrypted answers to security questions at risk.
At this point, AOL has no indication that the encryption on the passwords or the answers to security questions was broken, or that financial information, including debit and credit cards, were compromised.
'We nevertheless strongly encourage our users and employees to reset their passwords used for any AOL service and, when doing so, also to change their security question and answer,' AOL said. 'We believe that spammers have used this contact information to send spoofed emails that appeared to come from roughly 2 percent of our email accounts.'
AOL is notifying affected users and encouraged users not to click on suspicious links or respond to emails from people they do not know. The company also suggested that spoofing victims notify friends and tell them not to click on suspicious emails, either.
AOL started its investigation earlier this month after users started reporting that their email addresses were being used to send out spammy messages. According to AOL, 'spoofing is when a spammer sends out emails using your email address in the From: field. The idea is to make it seem like the message is from you – in order to trick people into opening it.'
After the rise in spoofing incidents, AOL said it would change its email policies to avoid delivery of spoofed messages. 'AOL Mail is immediately changing its policy to help mail providers reject email messages that are sent using forged AOL Mail addresses,' the company said. 'By initiating this change, AOL Mail, along with other major email providers will reject these spoofed email messages, rather than deliver them to the recipient's inboxes.'
Post a Comment for "AOL Breach Puts Users' Personal Info at Risk"