Hackers have gained access to email addresses and encrypted passwords

Apr 29, 2014 06:56 GMT

Earlier this month, AOL revealed that spammers were spoofing customers’ email addresses in an effort to lure users to various shady websites. While the spam emails haven’t been sent directly from the impacted customers’ accounts, it turns out that AOL has suffered a data breach.

After its initial analysis, AOL revealed that the spammers were spoofing email addresses to trick recipients into thinking that the messages came from a trusted person. While it was clear that the cybercrooks were not sending out the unsolicited emails directly from victims’ accounts, many wondered how the attackers gained access to address books.

In a new blog post published on Monday, AOL clarified that the company’s systems and networks had been hacked.

The cybercriminals have managed to gain access to email addresses, physical addresses, contact information from address books, encrypted passwords, and encrypted answers to the security questions that users must provide when resetting their password.

Some employee information has also been compromised. The company says that around 2% of its user base is impacted.

This explains a lot. Spoofing email addresses is easy, but as experts highlighted after the spam run was launched, the attackers still needed to use some sort of exploit in order to obtain the addresses of those who received the messages advertising “miracle diet” websites. It appears that they’ve obtained the information straight from the source.

On one hand, AOL says that there’s no indication that the attackers have managed to decrypt passwords and the answers to security questions. There’s also no evidence that any financial information has been compromised. The company highlights that this type of data is fully encrypted.

On the other hand, customers are asked to change their passwords, as well as their security question and answer, as a precaution.

An external team of forensic experts and federal authorities have been called in to investigate what AOL calls “serious criminal activity.”

“The ongoing investigation of this serious criminal activity is our top priority. We are working closely with federal authorities to pursue this investigation to its resolution. Our security team has put enhanced protective measures in place and we urge our users to take proactive steps to help ensure the security of their accounts,” the AOL Mail Team noted.

“AOL is notifying potentially affected users and is committed to ensuring the protection of its users, employees and partners and addressing the situation as quickly and forcefully as we can.”

In the meantime, the company advises users to be on the lookout for suspicious emails containing links or attachments. Internauts are also instructed never to send personal or financial information via email to people they don’t know.

Victims of spoofing attacks should alert their contacts and advise them not to click on links in suspicious emails.