Yahoo's Email Hacking Problem Starts To Hurt As Major Telecom Provider Ditches The Service

By Huffington Post

A British telecom company says it will no longer make Yahoo Mail the default email service for its 6 million customers due to concerns their accounts are vulnerable to getting hacked.

“We will be switching customers’ email over to BT Mail, which will include the features and functions they expect from a modern email service,” said Nick Wong, online director for British Telecom’s consumer division, according to The Telegraph.

The shift of BT's 6 million customers to another email service represents just a small fraction of Yahoo's overall email customer base of about 280 million people worldwide. But the loss of clients could be a troubling sign for a company that relies heavily on maintaining its email users to generate advertising revenue. Yahoo is now the third-largest email provider after Google’s Gmail and Microsoft’s Outlook.com.

As part of her bid to revive the fading Web giant, Yahoo CEO Marissa Mayer in December unveiled a redesign of Yahoo Mail aimed at making the service more sleek and user-friendly.

But Yahoo Mail has still been plagued by security vulnerabilities, and many customers have been under assault from hackers. They have complained of an increase in spam sent to their contacts and being locked out of their accounts by hackers who hijacked their passwords.

In one incident reported in January, hackers were able to access accounts by sending a malicious link to victims' inboxes. Yahoo said it has since fixed the security flaw.

Chester Wisniewski, a senior adviser at the security firm Sophos, said Yahoo's hacking problem stems partly from the company's decision not to implement two-factor authentication -- a feature that sends additional one-time passwords to users' cell phones to make their online accounts more difficult to hack. Gmail and Outlook.com currently offer two-factor authentication.

"Yahoo is the only one that doesn't have the ability to warn you that somebody else has accessed your account," Wisniewski said. "If I were advising a friend who needed a free email account, I'd say stay away from Yahoo."

A Yahoo spokesperson did not respond to a request for comment.

Wisniewski said Yahoo may stand to lose more email customers, but he questioned whether security concerns about the service would greatly affect the company's overall performance.

"People wil be upset about this and Yahoo will lose more clients, but will they have a mass exodus that has an impact on their revenue? I doubt it," he said. "People are too lazy" to switch email providers, he said.

UPDATE: In a statement Saturday, a Yahoo spokeswoman said the company "takes protection of its users' data very seriously" by implementing safeguards and encouraging users to protect their accounts by using strong passwords, anti-virus software and avoiding clicking on malicious links.

"Account compromise is a serious industry issue with new forms of abuse arising nearly every day," Yahoo spokeswoman Caroline Macleod-Smith said. "Yahoo actively monitors accounts for suspicious activity, and if we find it, we act to secure the account immediately and prompt users to change their passwords."