shaw webmail hacked

anyone had this happen to them?

I tried to log into webmail and couldn't, password didn't work. Contacted shaw customer service and they said it looked like my account had been breached and password changed. I also had about 200 returned emails in my inbox that a spammer had sent. It looks like they used my email address, I don't see the emails in the sent folder though. I'm concerned they had access to some sent email that had confidential information. Shaw wouldn't tell me when it was breached or when the password had been changed, only to contact the police if I was concerned.

any thoughts?

Yahoo mail was hacked too - lot's of returned e-mails (failed delivery) and nothing in the sent folder. I think it's some kind of bot that uses your address, but somehow doesn't use the account?

Here are the details on the yahoo mail hack…

http://thenextweb.com/insider/2013/01/31/yahoo-mail-users-still-seeing-accounts-hacked-via-xss-exploit-amid-reports-yahoo-failed-to-fix-old-flaw/

I've been getting lots of spam lately from friends' hotmail accounts that have clearly been compromised in some way.

Gmail with two step verification is a good thing. Outlook.com is supposed to have something similar, but I've not investigated it as I don't use it.

Outlook.com is supposed to have something similar, but I've not investigated it as I don't use it.

Outlook.com is Microsoft's replacement for Hotmail.

Goodbye Hotmail, hello Outlook
http://www.royalgazette.com/article/20130227/BUSINESS07/702279989

Some possibilities:

1. The hackers exploited a known flaw in the provider's mail system to access your account
2. They guessed your password
3. They know your password from breaking into another site which stored both your email address and your password for that site which is the same as your shawmail password.
4. They got your password by phishing - an email or webpage that directed you to a fake site to which you entered email/password information
5. You have malware that logs your keystrokes and someone has harvested your passwords from this
6. Someone "sniffed" unencrypted transmitted data over the network and harvested a list of accounts and passwords

I would suggest you start with your home and work computers, making sure they are clean. Once you are sure your machine is secure I would suggest changing all your various account passwords from what they are currently. (Its easier than it sounds, you can substitute zeros for the letter o, the number 1 or ! for the letters L or I, the number 3 for the letter B, etc etc.). Also check credit card and bank statements for any unauthorized transactions that aren't your wife's. Anyway, that would be the paranoid's answer.

I checked both computers and they appear clean. I run up to date Kasperky anti virus/internet security on both of them. I've changed the passwords on most things to all different ones. I am guilty of pretty much using the same password for everything and it was a pretty easy word at that. My banking stuff seems ok. I think my home network is secure but I do wonder about checking my email with my iphone from either public access or 3G?

Shaw couldn't tell me much about it. I thought they would be able to tell me when my email password had been changed and even know the ip address of whoever did it but they couldn't. It would appear that real life is different than CSI. I contacted my local police dept and they said replied with this

Good Morning,

Given that Shaw Webmail is a web based e-mail service, it is unlikely your computer itself was compromised. If you are concerned your computer may have been accessed, it is suggested you take it to a computer repair service to have it checked for viruses and other malware.

If your e-mail account contains files with personal information such as passwords, bank account numbers, credit card numbers or other such sensitive information, you may with to contact the credit bureaus to have a fraud alert placed on your credit accounts. You can also order copies of your credit reports to ensure no fraudulent activity has occurred.

Equifax: (866) 828-5961
Trans Union: (800) 663-9980

You should also change the passwords of all your e-mail and banking accounts, as well as consider changing the PIN on your debit and credit cards. This should be done regularly regardless if you have been compromised or not.

More information about identity theft prevention can be found online at the Anti Fraud Centre: http://www.antifraudcentre-centreantifraude.ca

Regards,

Coquitlam RCMP

I'm guessing this is kind of common?? I feel kind of violated, like when you turn around suddenly and see splinky behind you.

sorry, i just needed your email to sell my roolux watches and vagru male enhancement pills

People still use Shaw webmail?

Kn.

People still use Shaw webmail?

Kn.

at least 2

this is the first issue I've had in over 12 years of the same email address

come on Dave, everyone knows Telus webmail is where its at.

I've been getting lots of spam lately from friends' hotmail accounts that have clearly been compromised in some way.

Gmail with two step verification is a good thing. Outlook.com is supposed to have something similar, but I've not investigated it as I don't use it.

I run two step on everything I can. Can be a real pain in the ass sometimes but that just means its doing a good job.

so if shaw webmail is no good, what is the best email service?

come on Dave, everyone knows Telus webmail is where its at. #sarcasm

FYP