Yahoo on Thursday announced yet another hacking attempt, advising Yahoo Mail users to change their passwords if prompted to do so. “Security attacks are unfortunately becoming a more regular occurrence, Yahoo wrote on its official Tumblr blog. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts.”
Users whose accounts’ passwords have not been reset are probably safe, but it may be a good measure to change passwords every once in a while anyway – you should make sure not to use weak passwords that are easy to guess, though.
Yahoo did not reveal how many accounts may have been compromised or what exactly happened but said that there’s no evidence the compromised accounts were used obtained directly from Yahoo. Instead, hackers may have collected them from a third-party database that was compromised. The company is working with federal law enforcement to find the perpetrators.
“Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts.” Yahoo wrote. “The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”
This is the second time Yahoo acknowledges a hack that can potentially affect its customers in a matter of weeks. In early January, it was revealed that hackers managed to compromise its ad network to deliver malware to unsuspecting Yahoo users for various purposes including Bitcoin mining. It’s not clear whether the two incidents are related or not.