In a blog post, Yahoo revealed to its users it has identified a coordinated effort to gain unauthorized access to an unidentified number of Yahoo Mail accounts. Upon discovery, Yahoo quickly sent out an email warning to affected users, asking them to change their passwords immediately.
According to Yahoo’s investigation, its own system was not compromised. Instead, the attackers infiltrated a third-party database to compromise the email accounts.
“Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails,” the post stated.
If you’re one of those who account has been compromised, when you next login, you’ll automatically be prompted to change your password. And if you have activated Yahoo’s two-step verification, you’ll be required to enter the code sent to your mobile phone to login.
No information was given as to how many accounts were affected.
Yahoo is said to be coordinating with federal law enforcement to find and prosecute the parties responsible for the attack, and assured its users that it has implemented additional security measures to prevent future attacks.
Today’s attack is just the latest in a string of security disasters for Yahoo Mail. In the first half of 2013, Yahoo Mail suffered multiple attacks but it did promise to fortify its security by announcing that it will finally rollout SSL encryption as the default setting for all Yahoo Mail users. Unfortunately, this effort may have been too late, or didn’t work, based on the new breach.
Besides dodging hackers, Yahoo Mail users have had to deal with plenty of other issues too. In the latter part of 2013, the service was hit with massive outages that lasted for weeks.
If you’re fed up with Yahoo’s unreliable mail client and want something better and more secure, check out How to Switch Email Services Easily & Keep All Your Mails, Contacts.