Yahoo resets passwords after email hack
Yahoo suspects usernames and passwords were stolen from an unidentified third-party database
IDG News Service - Yahoo has been resetting email accounts that were targeted in an attack apparently aimed at collecting personal information from recently sent messages, the company said Thursday.
The list of usernames and passwords used for the attack was likely collected when another company's database was breached, Jay Rossiter, a Yahoo senior vice president, said in a blog post. He didn't name the third party or say how many accounts were affected.
"We are working with federal law enforcement to find and prosecute the perpetrators responsible for this attack," Rossiter wrote.
The hackers used a malicious software program to access Mail accounts with the stolen usernames and passwords, he wrote.
Free email services with large user bases from companies like Yahoo, Google and Microsoft are a rich target for hackers, who use compromised accounts to deliver spam, launch attacks on other users and collect information.
Rossiter didn't say when the attack occurred, and a Yahoo spokeswoman said the company could not share more information while the investigation is ongoing.
Yahoo said it was resetting passwords on the affected accounts and using second sign-in verification to let users resecure their accounts. The feature sends a one-time passcode to a user's phone that must be entered into a Web-based form to access the account.
Yahoo has also "implemented additional measures to block attacks against Yahoo's systems," Rossiter wrote.
He advised that users change their passwords regularly and not reuse the same password for their Yahoo Mail on other Web services.
"We regret this has happened and want to assure our users that we take the security of their data very seriously," Rossiter wrote.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Cyberwarfare White Papers | Webcasts