Fri January 31, 2014
Yahoo Says Email Accounts Were Hacked But Not How Many
Originally published on Fri January 31, 2014 9:16 am
Yahoo has become the latest target of hackers, with usernames and passwords stolen from some of its estimated 273 million email customers.
"Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts," the company said in a blog post Thursday. "Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts."
Yahoo — the second-largest email service worldwide after Google's Gmail — did not say how many "impacted accounts" there were. It has 81 million email accounts in the U.S. alone.
Yahoo says that based on its current findings, "the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise."
"Security attacks are unfortunately becoming a more regular occurrence," the blog post stated. "We regret this has happened and want to assure our users that we take the security of their data very seriously."
The Sunnyvale, Calif.-based company says it has begun notifying users whose accounts were compromised and has started using second sign-in verification to allow users to re-secure their accounts. Some users may receive an SMS text, Yahoo says.
The Associated Press calls the compromise at Yahoo:
"the latest in a string of security breaches that have allowed hackers to nab personal information using software that analysts say is ever more sophisticated. Up to 70 million customers of Target stores had their personal information and credit and debit card numbers compromised late last year, and Neiman Marcus was the victim of a similar breach in December."
As Bloomberg reports, Yahoo CEO Marissa Mayer "has been criticized by some customers for changes she's made to the organization and design of the service, and Mayer apologized in December for 'compounding issues,' including lost messages, users being shut out, and trouble with access to other e-mail programs."
Forbes has some general advice on better security, stuff most of us have already heard a number of times. But this might be a good time for a reminder.