Ouch! Yahoo! Hacked! Mail Users Need To Reset Passwords ASAP

It’s becoming more tedious to be a Yahoo! Mail user these days. The Gmail-ish redesign a few months ago was supposed to bring many attractive changes to the email service, but it launched with an annoying auto-forward bug, and anecdotally, performance has been slow and buggy from what I’ve experienced. Then, there was that outage last month that left some users without service for as much as a week.

And now, Yahoo Mail has been hacked. “Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts,” wrote Yahoo’s Jay Rossiter, SVP of Platforms and Personalization Products.

Yahoo! HQ

Yahoo believes that the the usernames and passwords that were used in the hack were culled from a third party and not Yahoo’s own systems, which means that Yahoo would be a victim along with those users who had their accounts compromised. It appears that the point of the attack was to grab names and email addresses of Yahoo users’ recent email recipients.

Yahoo! Mail

Yahoo reset the passwords of affected users and notified (or will notify) them via email or SMS text. The company says that “We have implemented additional measures to block attacks against Yahoo’s systems” and is working with law enforcement to locate and prosecute the hackers.

Yahoo has plans to encrypt all user data by March, and that's not a moment too soon.