On April 28, 2014, AOL announced that they were notifying its users that the company was actively investigating a security incident involving unknown culprits who had gained unauthorized access to the AOL network systems. AOL said they were working with federal authorities to investigate this unauthorized criminal incident, as well as having brought in the “best in class forensic experts.”
It appears that AOL became aware of the cyber breach when AOL users began complaining/reporting about receiving unprecedented amounts of spam from a particular AOL account. The company was also receiving complaints from users who said their accounts were being used to send mass spam emails to their contacts that they had not sent. AOL said it began an immediate investigation as soon as they became aware of the mass number of complaints, bringing in law enforcement and cybersecurity experts immediately.
AOL says their investigation is a continuing process but now knows that as many as two percent of the tens of millions of AOL Mail accounts had been compromised and that the knowledge gained from that unlawful access was being used to perpetrate a spam campaign called known in the cyber security community as “spoofing”. To respond to the spam campaign being waged against the company AOL has changed its policy which may cause an inconvenience to actual people who are trying to send legitimate emails.
AOL provided the following message in their announcement to assist its users:
If you do find email in your Sent folder that you did not send, your account has been compromised (hacked). If you do not find any strange email in your Sent folder, your account has most likely been spoofed,” AOL’s help page on spoofing explains. “If you believe that your account has been compromised, or that your AOL Mail email address has been used to send spoofed messages, please visit the AOL Help site.
In the acknowledgement, AOL informed its users that the information the hackers had gained access to included; email addresses, postal addresses, encrypted passwords, and encrypted answers to security questions, address book contact information, and employee information.
Although AOL also strongly pointed out that no financial or credit card information had been compromised (which is also encrypted) it still strongly advised all its users and employees to reset their passwords and security question and answer just as a precaution. The company then made the following suggestions as additional measures its users should make to help protect them from any further incidents in the future:
AOL is notifying potentially affected users and is committed to ensuring the protection of its users, employees and partners and addressing the situation as quickly and forcefully as we can.
In addition, there are steps you can take to protect yourself from cyber risks. They include:
- If you receive a suspicious email, do not respond or click on any links or attachments in the email.
- When in doubt about the authenticity of an email you have received, contact the sender to confirm that he or she actually sent it.
- Never provide personal or financial information in an email to someone you do not know. AOL will never ask you for your password or any other sensitive personal information over email.
- If you believe you are a victim of spoofing, consider letting your friends know that your emails may have been spoofed and to avoid clicking the links in suspicious emails.
For more information, please visit faq.aol.com
Additional Resources About This Breach: