On Thursday, Yahoo announced that its email service had been hit by a coordinated cyberattack in which the usernames and passwords of an undisclosed number of Yahoo Mail accounts were compromised. The company said the information was stolen from a third-party database. The accounts were then accessed to gather information about recently emailed addresses. It’s the second email problem in the last two months for Yahoo, and the company said it took immediate action to minimize the damage to users whose accounts were involved.
Yahoo’s Jay Rossiter outlined the breach in a blog post on Thursday.
“Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”
There are 273 million Yahoo email accounts worldwide, making it the second-largest email provider behind Google’s Gmail, according to the Associated Press. Eighty-one million of those accounts are in the U.S. Here are some of the potential implications of the security breach from the AP:
“[It] could mean hackers were looking for additional email addresses to send spam or scam messages. By grabbing real names from those sent folders, hackers could try to make bogus messages appear more legitimate to recipients… The bigger danger: access to email accounts could lead to more serious breaches involving banking and shopping sites. That’s because many people reuse passwords across many sites, and also because many sites use email to reset passwords. Hackers could try logging in to such a site with the Yahoo email address, for instance, and ask that a password reminder be sent by email.”