Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Recycled Yahoo Email Addresses Proving a Security Nightmare

by Fox Van Allen on September 27, 2013

Yahoo mailA short while ago, Techlicious reported on Yahoo’s effort to recycle old, dormant user names. Predictably, there was a lot of handwringing over the idea. While it’d be great to free up desirable but long-dormant user names, there was a lot of concern over whether Yahoo could do it without creating pressing privacy and security concerns. Still, the email provider suggested accounts really could be “recycled safely and securely.”

As it turns out, Yahoo was wrong and the skeptics were right. According to a lengthy report by Information Week, owners of newly recycled Yahoo accounts are receiving plenty of email intended for the address’s previous holder. And it’s not just spam, either – incredibly sensitive personally identifying information is winding up in the hands of total strangers.

Under the terms of Yahoo’s controversial plan, any email address that had not been signed in to for over a year would be deactivated and offered to new users. Yahoo would then monitor the account for 30 days, send bounce notifications to email senders, unsubscribe the account from bulk lists and even implement a new type of email filtering technology. Unfortunately, those efforts are falling well short.

"I can gain access to their Pandora account, but I won't. I can gain access to their Facebook account, but I won't. I know their name, address and phone number. I know where their child goes to school, I know the last four digits of their social security number. I know they had an eye doctor's appointment last week and I was just invited to their friend's wedding," explained one Yahoo Mail user, detailing the kind of personal correspondence he's seen in the short time he's owned his Yahoo account. Others are reporting getting airline flight confirmations, emailed receipts, court documents and even funeral announcements meant for their account’s previous owner.

For its part, Yahoo says only a “very small number of users” are reporting getting mail intended for other people. The problem: Plenty of recycled account holders likely won’t self-report a problem involving someone else's data. After all, when was the last time you complained to your email provider about getting mail meant for someone else? (To its credit, Yahoo announced this week it would be implementing a 'Not My Email' button to aid reporting.)

Yahoo’s email account policy should give you serious pause before opening up a new email account with the company. Email accounts should never be recycled, because there’s no way to guarantee it can be done safely, as Yahoo proved.

If you have a current Yahoo email account, I strongly recommend signing in to it regularly lest a stranger wind up thumbing through your mail. I’d also recommend you never use a Yahoo email account for your online banking, e-commerce sites or social networks, lest you risk these being compromised one day. If you do currently, you should migrate to Google, Outlook or one of any number of other email providers smart enough not to offer account recycling. Yahoo email just isn’t secure enough anymore.


Privacy, News, Computers and Software, Internet & Networking, Computer Safety & Support, Blog

Discussion loading


From ABogue on October 06, 2013 :: 1:01 pm

This is a practice that bellsouth has been doing for years.. Bellsouth gave my long held email address to someone a couple of years ago. . The only difference is the account was not inactive, it was in use every day..



From Jeff on October 09, 2013 :: 2:17 am

I’ve been using the same Yahoo email for over 20 years now.  Never had a problem with it.


Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.