Yahoo! Email recycling: The good, the bad and the ugly

22nd July 2013 :: Data Security :: Author: Andrew Cope, Managing Director, Evergreen

Yahoo emailsWhere were you and do you know where your Yahoo! email was on 15th July 2013? July 15th is noteworthy in history for the day that Italy formally declared war on Japan in 1945, for the day that Italian fashion designer Gianni Versace was shot dead in 1997 or even for the day in 2010 that Robbie Williams rejoined Take That after a 15 year split! So what's noteworthy about 15th July 2013 other than the fact that it was another scorching day during an uncharacteristic British heatwave? This could be your D-day , the one you'll look back on as the day you lost your email address for good, or worse still for the day your personal on-line security or business email marketing was compromised.

July 15th marked the day that giant ISP provider Yahoo! began to free up email accounts that had been inactive for a long period of time. If you have an email address that ends in yahoo.com, ymail.com, rocketmail.com or btinternet.com (that is powered by Yahoo!) and haven't accessed your email account for over a year, say farewell as Yahoo! will be in the process of recycling your email address. The old emails, contacts, and all associated data will be removed and Yahoo! will open up those account IDs for new users. For 30 days after 15th July, Yahoo plans to bounce back emails with an alert to senders, telling them that the account has been deactivated.

The good news is you can apply for a new Yahoo! address that was previously allocated to someone else and by mid August you'll find out if you have been lucky to get the Yahoo! address you've always wanted.

The bad news is that there are some serious security concerns as well as some potentially damaging prospects for businesses. So what should you be aware of?

1) Re-assess your log-in information

People will be able to claim Yahoo! IDs and potentially use them to take over other people’s identities via password resets and other methods. eg. someone who uses a Yahoo email address only as a backup for another email address and so hasn't logged into it for a long time, would be vulnerable to having that address taken over by a malicious individual who only wanted to ultimately get into their active address. This could lead to taking over on-line banking accounts, social media accounts etc. with potential for causing all manner of mayhem and security breaches. Some people use different email addresses for family and friends than they do for their on-line purchases and e-commerce sites like Amazon allow you to store your credit card information, to make it quicker and easier for you to make future purchases. If your log-in is via a Yahoo! email and you haven't used that email account for over a year then Yahoo! will be putting it in its recycle bin, so how will you access your profile? What's more, if you've stored your credit card details on the e-commerce site, who's to stop the recipient of your old email address logging on to your profile and stealing your credit card details? With options to reset forgotten passwords, this could be easily achieved.

2) Don't let your business get caught in the spam trap

As a business, if you send emails out to customers then now (if you haven't already done so) is the time for spring cleaning your data. You may think that a customer with a Yahoo! email address who has not opened one of your emails for over a year is pretty harmless but what if their email account has been abandoned? In Yahoo's recycling frenzy if someone reclaims that address and you continue to send, they could very well hit the spam button. After all, they didn’t opt-in to subscribe to your list. If you have a large amount of Yahoo! email records like this then the more that hit the spam button, the more likely you are to have your emails blocked by Yahoo, jeopardising getting your marketing message to those who really want it.