"Recently, we identified a coordinated effort to gain unauthorised access to Yahoo Mail accounts," Jay Rossiter, Yahoo's senior vice president for platforms and personalisation products, wrote in a blog post last week. "Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise."
Rossiter did not say how many accounts were affected, only that Yahoo had reset passwords for affected accounts and added two-step verification, a system that asks users to enter a second, one-time password. The company said it was also working with law enforcement to investigate the breach and had stepped up security on its systems.
Yahoo was affected by a similar attack in 2012, when hackers stole 400,000 usernames and passwords from a Yahoo contributor network. And earlier this year, Yahoo was the target of an attack in which cybercriminals planted malware in advertisements served on Yahoo's site. When the ad was clicked, the attackers were able to use victims' computers to mine for Bitcoins, the virtual currency.