Oceanside CA- Yahoo! announced, late Thursday, that an unspecified number of users have had their usernames and passwords compromised. The breach appears to have occurred via a third party database. The company has taken the precaution of re-setting the passwords of those users whose accounts were affected. Those people will receive an e-mail or SMS prompting the users to change their passwords
Jay Rossiter, SVP, Platforms and Personalization Products for ‘Yahoo!’ posted on Tumblr “Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”
The compromise is another in a growing list of data breaches and follows on the heels of recently announced breaches at Micheal’s and Target Stores.
More information on the attack can be found here [Link]