The Investigation is set immediately following a significant increase in the amount of spam appearing as “spoofed emails” from AOL Mail addresses.
The Spamming technique used is designed in such a way that the email sent looks like from a sender who is known to the recipient, tricking him to fall for the malicious link.
The Company said that Investigation is still ongoing, however they have determined that there was unauthorized access to information regarding a significant number of user accounts. including AOL users’ email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that is asked when a user resets his or her password, as well as certain employee information.
There is no indication that the encryption on the passwords or answers to security questions was broken, but Company is advising users and employs to reset their passwords as a precautionary measure.
AOL Currently estimates that spammers have used this contact information to send spoofed emails that appeared to come from roughly 2% of our email accounts.
Users are advised not to click links from any suspicious email or to respond to any suspicious mail demanding for personal or financial information.
