Hackers steal usernames and passwords of Yahoo email users

31 Jan 2014

Yahoo announced yesterday that the usernames and passwords of some email users had been stolen and used to gather personal information.

"Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts," the company said yesterday on its blog.

According to Yahoo, there was currently no evidence that the user information was obtained directly from the company's systems, as those investigating the issue believed the information was "likely collected from a third-party database compromise."

There was no word yet on how many accounts had been affected, but according to identity theft expert Robert Siciliano, it was troublesome news for Yahoo's millions of users, according to ABC radio.

He added, once a criminal hacker got to a user's email, he could easily reset the passwords for a number of their other accounts.

Though the investigation was underway, it appeared the hackers gained access to the accounts through malicious software. The attackers seemed to target names and email addresses from recently sent messages.

Following the breach, impacted users were prompted to change their passwords and they would have to go through a two-step sign-in process to access their account.

Yahoo said, federal law enforcement was on in the case, Yahoo said. The attack follows less than a week following Gmail suffering a brief outage.