on 15-02-2012 18:31
As you may be aware, a handful of customers have reported suspicious activity generated through their email accounts, typically related to spam emails being sent to their contacts.
We take security issues extremely seriously and have been working with affected customers to help understand why this is happening, and to help prevent this happening in future.
We have identified that the root cause of these issues are related to the use of weak passwords, or in some cases, the same email and password combinations being used as logins for other sites.
We're pleased to report that many of the affected customers who have contacted us have now changed their email passwords to something more secure, resulting in the elimination of spam email being sent from their accounts.
We realise that there are many customers that may not be aware of this potential issue, or may still be using weak passwords, so we are also looking at a range of additional technical measures to try and prevent these kinds of issues arising in the future.
We hope to deploy these new measures to customers as soon as possible, however in the meantime, customers can help avoid their email accounts being used to send spam email by ensuring their passwords follow our advice on how to choose a strong and secure password, are unique and complex (such as containing numbers and a mixture of capital or lowercase letters) and are not used on other sites and cannot easily be guessed.
In the meantime, if you think that your email account has been hijacked to send spam email, please follow the advice here.