Privacy Commisioner looks into Yahoo! Hack, but my hack was no reason for concern

The Privacy Commissioner didn’t give two shits about the hack of my personal data nor of the Media Party pedalling that all over their papers and airwaves.

But they are real concerned about the hack of Yahoo!

Spark says information from 130,000 Xtra email addresses is “at risk” as a result of a massive hack on Yahoo in 2014 that only came to light last week.

Privacy commissioner John Edwards praised Spark but questioned Yahoo’s response and said the hack showed the need for a New Zealand law to force companies to own up to data breaches.

Yahoo said last week that 500 million email customers had information stolen in the attack which it believed had the backing of a foreign government.

The attack also affected Spark customers as it outsourced its Xtra email service to Yahoo in 2007.

Spark said about 15 per cent of its 825,000 Xtra email addresses were at risk.

The information stolen from Yahoo includes unencrypted questions and answers to security questions that could be used to reset account passwords.  

These are commonly answers to questions such as a pet’s name or the name of people’s first school or car.

The leak of that information could cause customers’ other online services to be hijacked, in cases where they had supplied the same information.

Spark spokeswoman Michelle Baguley said it would be asking affected customers to immediately change their passwords, if they hadn’t already.

At least the majority of impacted Xtra customers had not had unencrypted security questions and answers stolen, although there might be scenarios in which it had been, she said.

Yahoo had told Spark it had no evidence that the stolen information had been used to gain unauthorised access to Spark accounts – meaning their actual emails – she said.

Edwards said he was monitoring the Yahoo hack.

He did not believe it was acceptable that security questions and answers were stored unencrypted by Yahoo and he expected that would be an issue privacy investigators in the United States and Ireland would look into.

“We will be following those investigations closely on behalf of New Zealanders.”

They did jack shit for this New Zealander. When I am Dictator for Life I will shut this crowd down.


– Fairfax

Do you want:

  • Ad-free access?
  • Access to our very popular daily crossword?
  • Access to daily sudoku?
  • Access to Incite Politics magazine articles?
  • Access to podcasts?
  • Access to political polls?

Our subscribers’ financial support is the reason why we have been able to offer our latest service; Audio blogs. 

Click Here  to support us and watch the number of services grow.