AOL probes breach allowing hackers to spoof email

April 28, 2014
AOL said Monday it had launched an investigation with federal authorities into a security breach that allowed hackers to gain access to around two percent of its email accounts

AOL said Monday it had launched an investigation with federal authorities into a security breach that allowed hackers to gain access to around two percent of its email accounts.

The probe began "following a significant increase in the amount of spam appearing as 'spoofed emails' from AOL Mail addresses," the Internet company said in a statement.

Spoofing is a tactic used by hackers to make it appear that the message is from an email user known to the recipient in order to trick the recipient into opening an attachment which may contain malware, AOL noted.

"AOL's investigation is still underway, however, we have determined that there was unauthorized access to information regarding a significant number of user accounts," the statement said.

"This information included AOL users' email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information."

The company added that "we believe that spammers have used this contact information to send spoofed emails that appeared to come from roughly two percent of our ."

AOL said it was working with "best-in-class external forensic experts and to investigate this serious criminal activity."

The statement said it was not known whether the encryption on passwords or answers to security questions was broken, but that "as a precautionary measure, we nevertheless strongly encourage our users and employees to reset their passwords used for any AOL service."

Explore further: Online accounts for Blizzard video games hacked

Related Stories

Hackers sock smartphone earpiece star Jawbone

February 13, 2013

Jawbone on Wednesday warned users of its earpieces and Jambox speakers that hackers stole names, email addresses and encrypted passwords from accounts used to make the wireless devices smarter.

Germany says 16 mn email accounts compromised

January 21, 2014

German authorities said Tuesday the digital identities of 16 million online users had been stolen, compromising their email accounts, linked social media and other services.

Yahoo email account passwords stolen (Update 2)

January 30, 2014

Usernames and passwords of some of Yahoo's email customers have been stolen and used to gather personal information about people those Yahoo mail users have recently corresponded with, the company said Thursday.

Recommended for you

Student examines the issue of over-trusting robotic systems

May 26, 2016

If Hollywood is to be believed, there are two kinds of robots, the friendly and helpful BB-8s, and the sinister and deadly T-1000s. Few would suggest that "Star Wars: the Force Awakens" or "Terminator 2: Judgment Day" are ...

Carnegie Mellon engineers develop fall-prevention sensors

May 25, 2016

Carnegie Mellon University's College of Engineering conducted a survey on falls among the elderly, and discovered that Americans are very worried about their elderly parent falling—and that this worry leads to action.

Monitoring sun exposure with a portable paper sensor

May 25, 2016

Summer is around the corner—time for cookouts and sunbathing. But too much sun can result in sunburn, which is the main cause of skin cancer. Because the time it takes to get burned depends on many factors, it is not easy ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.