For the second time in 10 days, my Rogers email has been hacked and everything is gone. Yes, I changed my password after the first time. What is going on here? I reported the first one to Yahoo, as Rogers directed, but got no help there. And now I can't even find the Yahoo address, since the email that contained it has disappeared! What is Rogers doing to stop this?
Yes, I sent that request to yahoo the first time it happened, on Nov 11 and they did nothing. I have sent it again today, but I'm not optimistic.
This is not placing the blame, as its not likely directly your fault.
But its quite possibly the problem is happening from YOUR end.
Usually in cases like that.. what happens is that there is MALWARE of some form on your machine. There is a KEYLOGER which is potentially recording every keystroke you make.
If you change your password on a machine which has a keyloger on it.. your just giving the password potentially again back to the bad guys breaking into the email.
I would recomend doing a full malware scan, with something like MALWAREBYTES.
Just to get this straight: Over 1 Billion accounts compromised.... Previously half a billion accounts and Rogers taking security seriously? Really? So they keep using a service that is known to be compromised... I do not purchase my Internet and email accounts from Yahoo, I purchase them from Rogers who is my ISP and who I trust to keep my information secure. That they have agreements with Yahoo or whomever in their SLA is not my concern, my concern is with those who provide me the service. I have changed my password frequently and maybe that caused the account not to be compromised at this moment. If I were the CIO or Security VP of this company I would certainly look for alternatives. I know there are few that can handle the load of Rogers but we as customers must demand that Rogers take action to protect our information. Just leaving it with Yahoo and telling customers all is fine while people read left right and center that Yahoo is compromised is not right and creating a false sense of security. What if restore requests for email is getting so high that they cannot keep up with the restores from archives? I did have information online in encrypted documents, because I trusted the 1TB storage option I got from Rogers. I have since removed this. Sure you call me paranoid, once you lost a document from your lawyer or employment offer you might remember this email.
Your concern is very valid - your point that you purchase Email services from Rogers, the fact that it happens to be managed by Yahoo being irrelevant is dead on - it is Roger's responsibilities to provide reliable safe internet services and if Yahoo can't do it, it is time to move on, and at a minimum, Rogers needs to be reporting to its own customers what is going on, and preventative steps to take.
We shouldn't be hearing this through the news and via reports from Yahoo. We don't get services from Yahoo, we get services from Rogers, who contracts with Yahoo. Ultimately security accountability lies with Rogers to ensure.
I do hope they take this seriously and at a minimum let us know what they are doing. It is something to worry about - and I am also in the process of moviing all information off their servers as fast as I can.
@Gdkitty Your suggestions are good ones - it is best practice to regularly scan your own computer for malware, but unfortunately, at this time with all we are learning new things from the news and Yahoo, and it is great that you as a Forum RE and member of the forum have provided this insight, it would also be nice for Rogers to take some responsibility in advising its customers on how to respond to what is coming forward, whether reporting that no Rogers customers were impacted if that is known, who was if that is known, and if unsure, that is good too.
And definitely, providing ways to protect us further is a great thing for them to do to.
I hope they live up to their responsibilities to protect our privacy and information and advise us on what is going on.
Yeah, sorry should have put the prev message quote in my reply up there.
It was in reply to DEN2.
Where his was getting re-hacked every 10 mins or so... its more likely the scenario i mentioned.
yeah, the whole yahoo email hack thing is a whole other issue...
Just took a look.. looks like Yahoo is STARTING to use two step authentication..
They have SMS authentication available now.
Looks like they have their own RSA type key thing.. built into the yahoo app though.
Would be nice, if they allowed it to be on say the GOOGLE authenticator app.
I took your advice and got Malwarebytes and so far so good ... but the fact remains, as others have said, that Rogers won't take responsibility for the fact that they, not Yahoo, provide the so-called service to clients and as such, should be responsible when the service fails. If I buy something at the Bay and it's faulty, I don't deal with the manufacturer - I deal with the Bay. They take responsibility for the shortcomings of their suppliers.
But I need to stop typing now. Rogers is the bane of my existence. Don't get me started on their TV service.
Yes, if you initially have an issue with the product, you would deal with The Bay for it.
But if its outside of the return period, etc, you do fall under Manufacturers warranty, where you do deal with the manufacturer for any warranty issues.
(only other exception would be 'in house' brands, like mastercraft, etc for Canadian tire, where you do the waranty there, etc)
But thats outside the main issue here
I whole heartedly agree, that they need to step up with WHAT They are doing to help this.
Or at min, a detailed explanation IF ours are safe (if they are housed elsewhere, which wasnt effected, etc)