Yahoo! has just issued a statement on its Tumblr page that a widespread hacking attempt has been made on Yahoo! Mail. Yahoo! has investigated the origin of the attack and found that usernames and passwords were not taken from Yahoo!, but from a “third-party database compromise.”
With the recent data breaches at Snapchat and Adobe, information stolen from those separate attacks may have been used in this attempt to compromise Yahoo! Mail accounts. Yahoo! notes that the attacks seem to target the names and email addresses from the targeted accounts’ most recent sent emails.
To stop this widespread attack, Yahoo! has immediately reset the passwords for the affected accounts. Users will have to use Yahoo! Mail’s sign-in verification to re-secure their account. Affected users will be receiving an email or SMS text warning them to change their passwords. Yahoo! also claims to have put in additional measures to prevent attacks against Yahoo!’s servers, though it doesn’t say what those additional measures are.
Yahoo! is currently working with federal law enforcement to find and prosecute those involved in this attack.
Source: Yahoo! (Tumblr)