A place for all things security.

Yahoo! Mail gets hacked, surprised?

Jan 31, 2014 // Andrew Stroup

Yahoo! Mail users, welcome to the club! You’ve joined a not so selective group of people who have been the victim of another attack on a large online service that stores countless user’s sensitive information (totaling around 273 million users).

Late last night Yahoo! Mail’s servers were compromised via malicious software, gaining access to lists of user credentials. This has led to a massive password reset for the affected accounts, notifying users via email (insert irony of notifying user’s about an email attack via the same attacked email).

Bottom line, change your password. In fact, you should probably think about changing all your other passwords if you were a victim. Actually, consider this a good time for EVERYONE to change their passwords as you should be doing this on a regular basis anyways!

Yahoo! has apologized, has taken “additional measures” to block future attacks, delayed responding to questions, and has yet to release any hard numbers on the scale of the attack.

The last gold nugget on this one is that Yahoo! has informed their users to ignore odd emails from Yahoo! accounts and to not click on any links in the message, BUT keep an eye out for a password reset email from Yahoo! Just make sure it’s not from “Yahoo?”