Yahoo announced on their blog that hackers accessed a number of its mail accounts through a third party and that the affected accounts must reset their passwords as soon as possible.
Yahoo says that their servers are still safe, but according to the company, hackers used a “third-party database compromise” to log into multiple Yahoo! Mail accounts.
Yahoo took these emergency measures in order to increase the level of the protection for the compromised mail accounts:
– We are resetting passwords on impacted accounts and we are using second sign-in verification to allow users to re-secure their accounts. Impacted users will be prompted (if not, already) to change their password and may receive an email notification or an SMS text if they have added a mobile number to their account.
– We are working with federal law enforcement to find and prosecute the perpetrators responsible for this attack.
– We have implemented additional measures to block attacks against Yahoo’s systems.
Yahoo also suggests it’s users what to do in order to keep their accounts safe:
In addition to adopting better password practices by changing your password regularly and using different variations of symbols and characters, users should never use the same password on multiple sites or services. Using the same password on multiple sites or services makes users particularly vulnerable to these types of attacks.
Source – http://yahoo.tumblr.com/post/75083532312/important-security-update-for-yahoo-mail-users