For the past couple of weeks, the AOL email spoofing incident has made headlines all around the world. The company has now revealed that a significant number of users have been affected, amounting to about 2 percent of all accounts.
The spoofers apparently gained access to the various pieces of personal information belonging to AOL users, such as email addresses, postal addresses, address book contact information, encrypted passwords and the answers to security questions.
On the bright side, no financial info was revealed in the process. “In addition, at this point in the investigation, there is no indication that this incident resulted in disclosure of users’ financial information, including debit and credit cards, which is also fully encrypted,” the company wrote.
However, the company continues to urge users to reset their password and to modify their employee information, even if the encryption set on passwords and security questions was not broken.
“The ongoing investigation of this serious criminal activity is our top priority. We are working closely with federal authorities to pursue this investigation to its resolution. Our security team has put enhanced protective measures in place and we urge our users to take proactive steps to help ensure the security of their accounts,” reads the message from the AOL security team.