Industry News

Change Passwords Now; Yahoo! Mail Got Hacked Again

Antivirus software provider Bitdefender urges users to change passwords immediately, after hackers breached Yahoo! Mail services again. The world’s second-largest email service provider identified a coordinated effort to gain unauthorized access to users’ accounts, according to a blog post.

The series of usernames and passwords used to execute the attack was likely collected from a compromised third-party database. Yahoo! already sent e-mails prompting affected clients to reset passwords. Notifications are also sent via SMS texts if mobile numbers were linked to the accounts.

Change Passwords Now; Yahoo! Mail Got Hacked Again“We have no evidence that they were obtained directly from Yahoo’s systems,” said Yahoo’s SVP Platforms and Personalization Products Jay Rossiter. “Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”

The tech company is working with federal law enforcement to find and prosecute the hackers responsible for the attack. In July 2012, more than 450,000 e-mail addresses and passwords were stolen from Yahoo! after hackers managed to breach the service.

“At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products,” Yahoo! said at the time.

After the latest attack, the company said: “We regret this has happened and want to assure our users that we take the security of their data very seriously.”

Bitdefender researchers recently spotted several bad ads injected in Yahoo! Insider through malvertising techniques. In May 2013, Yahoo! Mail also got blocked by browsers in a complex malvertising chain reaction.

Users are advised to reinforce their passwords and change them regularly. They may also enable two-factor authentication, which requires a code texted to their mobile phone whenever a login attempt is made from a new computer.

In January, the word “password” was ousted by “123456” as the most popular (and worst) password in 2013, after two years in the spotlight.

About the author


Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who's always on to a cybertrendy story. She's the industry news guru, who'll always keep a close eye on the AV movers and shakers and report their deeds from a fresh new perspective. Proud mother of one, she covers parental control topics, with a view to valiantly cutting a safe path for children through the Internet thicket. She likes to let words and facts speak for themselves.