WASHINGTON – AOL said Monday it had launched an investigation with federal authorities into a security breach that allowed hackers to gain access to around two percent of its email accounts.
The probe began “following a significant increase in the amount of spam appearing as ‘spoofed emails’ from AOL Mail addresses,” the Internet company said in a statement.
Spoofing is a tactic used by hackers to make it appear that the message is from an email user known to the recipient in order to trick the recipient into opening an attachment which may contain malware, AOL noted.
“AOL’s investigation is still underway, however, we have determined that there was unauthorized access to information regarding a significant number of user accounts,” the statement said.
“This information included AOL users’ email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information.”
The company added that “we believe that spammers have used this contact information to send spoofed emails that appeared to come from roughly two percent of our email accounts.”
AOL said it was working with “best-in-class external forensic experts and federal authorities to investigate this serious criminal activity.”
The statement said it was not known whether the encryption on passwords or answers to security questions was broken, but that “as a precautionary measure, we nevertheless strongly encourage our users and employees to reset their passwords used for any AOL service.”
More from AFP
- Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’
- Cyberattacks Target Websites of German Airports, Admin
- Meta Slapped With 5.5 Million Euro Fine for EU Data Breach
- International Arrests Over ‘Criminal’ Crypto Exchange
- France Regulator Raps Apple Over App Store Ads
- More Political Storms for TikTok After US Government Ban
- Meta Hit With 390 Million Euro Fine Over EU Data Breaches
- Facebook Agrees to Pay $725 Million to Settle Privacy Suit
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
