Yahoo (YHOO) released Tuesday its second quarter statement and delighted some with its earnings per share beat. As its shares soared the following day, few noted that Yahoo missed its revenue expectations and guided future estimated income and revenue lower. This tempered guidance might anticipate a decline in Yahoo's user base.
Broadband service provider British Telecom (BT) recently dropped Yahoo as its default email service following customer complaints that their accounts had been hacked and hijacked by spammers. BT and Yahoo had been investigating the issue as early as March, and shortly thereafter Yahoo email boss Vivek Sharma left the company. Whether he left on his own accord or was shown the door is unclear. What is clear is that BT was not satisfied with Yahoo's efforts to patch its security vulnerabilities. Losing six million customers at once might seem pale in comparison to its 280 million accounts, but there have been less publicized security threats to Yahoo's user base.
Code has been available to hijack Yahoo accounts and instructional videos exist in venues such as YouTube. Tech site The Next Web had chronicled the new exploits and Yahoo's responses. They concluded that the problem persists and is not easing up anytime soon. A reason for the persistence is that the hijackers will harvest contacts and even email addresses from sent and received items in the victim's account. They then lock out the rightful user and proceed to heavily spam the captured addresses from the hijacked account, in turn exposing others to the exploit.
To Yahoo's credit, hijacked users can recover their account if they previously registered an alternate email address with Yahoo. But this has not solved the problem, as accounts are still being compromised. Google trends for the phrase "yahoo email hacked" indicates a huge spike in the June 16 to 22 period. Anecdotal evidence exists demonstrating that accounts are still being hijacked. Every day, Yahoo Answers fields dozens of users who inquire about their hacked accounts.
The third-largest email provider behind Google (GOOG) and Microsoft (MSFT), Yahoo apparently put more emphasis on sleekness over security. CEO Marissa Mayer unveiled in December a remake of its email format. A review of user feedback shows that it is not exactly the hit Yahoo had in mind. Users complain that there is no option to revert to classic mail, while others report technical problems and slow speed.
For a company which relies heavily on its base of email users to produce advertising revenue, Yahoo's inability to secure its service will ultimately drive away users and damage the company's reputation. Alternatives are readily available.