After major e-mail woes in December, Yahoo is now getting hit with another massive problem. Yahoo Mail has been hacked. Jay Rossiter, senior vice president of Platforms and Personalization Products at Yahoo, confirmed the hack on the firm’s Tumblr blog.
“Security attacks are unfortunately becoming a more regular occurrence. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts,” he said. “Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts.”
Based on Yahoo’s current findings, Rossiter said the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise.
What Is Yahoo Doing?
“We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts,” Rossiter said. “The information sought in the attack seems to be names and e-mail addresses from the affected accounts’ most recent sent e-mails.”
Rossiter then outlined what Yahoo is doing to protect Mail users. First, the company is resetting passwords on impacted accounts and using second sign-in verification to allow users to re-secure their accounts. Rossiter said impacted users will be prompted to change their passwords and may receive an e-mail notification or an SMS text if they have added a mobile number to their accounts.
Yahoo is also working with federal law enforcement to find and prosecute the perpetrators responsible for this attack. He said the company has implemented additional measures to block attacks against Yahoo’s systems.
Keeping E-mail Accounts Secure
“In addition to adopting better password practices by changing your password regularly and using different variations of symbols and characters, users should never use the same password on multiple sites or services,” Rossiter said. “Using the same password on multiple sites or services makes users particularly vulnerable to these types of attacks.”
Rossiter concluded by saying he regrets this has happened and wants to assure Yahoo Mail users that company takes the security of consumer data very seriously. In December, Yahoo CEO Marissa Mayer personally apologized for a Yahoo Mail outage: “This has been a very frustrating week for our users and we are very sorry.”
“We will continue to work on rolling out IMAP access and to fully restore inbox state (for example, which folders messages were placed in, which messages were starred, etc). This process differs for each user and as restoration continues, we’re committing to communicating directly with you on progress on an individual basis,” she said.
“Above all else, we’re going to be working hard on improvements to prevent issues like this in the future. While our overall uptime is well above 99.9%, even accounting for this incident, we really let you down this week,” she said at the time.
Posted: 2014-02-13 @ 2:06am PT
I am very sad that my email address has been blocked. I can't access my mail online.I believe the problem will be resolved in the near future.
Posted: 2014-02-10 @ 4:36pm PT
Its frustrating that it happened again to my email. I had in the other email information about my family tree and can't access it anymore. I made another email. Hopeful it will be resolved.
Posted: 2014-02-10 @ 1:43pm PT
Someone hacked my account from Dom republic! Redic! All my personal incoming/outgoing mail contains important info..I'm ready to stop using devices and go back to paper trails, and mailing.
Posted: 2014-02-10 @ 12:53pm PT
My e-mail inbox has completely disappeared. What do I do?
Posted: 2014-02-10 @ 11:53am PT
I keep resetting my password and am still having problems! Now unable to get into account at all. WHAT TO DO??!!
Sue in O.P.:
Posted: 2014-02-06 @ 10:27am PT
I changed my password after reading about Yahoo being hacked. I recently got a smartphone and set up e-mail to be transferred. Now I've received a message from Yahoo that someone in Mexico tried access my account with a mobile device. Was this a fraud e-mail? When I go to the suggested site, I only find a free website hosting service offered.
Posted: 2014-02-06 @ 9:21am PT
I am waiting to hear from Yahoo, as to what they need
for me to do in order to handle this situation. No word
as yet from Yahoo directly.
Posted: 2014-02-05 @ 8:08pm PT
My yahoo account been hack what should I do?
Posted: 2014-02-04 @ 11:08am PT
Posted: 2014-02-04 @ 7:09am PT
Great security tips - I started using strong, unique passwords for ALL my online accounts, but have found the only way to really manage that is using a password manager. (I use PasswordBox and can't recommend it more highly - free, easy to use, syncs to devices, password generator, etc.) Won't stop a hack, but will definitely help minimize the damage to one site/account.
Posted: 2014-02-03 @ 4:35pm PT
So how are you restoring my account, yahoo?
Posted: 2014-02-02 @ 6:47pm PT
You make it too hard already. I have been trying to access my account and even though i got questions correct, you say to contact customer care. then it comes up with nothing to allow me into my emails?
Why dont you send me an email i cant access.
This is a joke. NOT happy jan
Posted: 2014-02-02 @ 2:24pm PT
I was driving behind a woman putting on mascara while driving. If I had a mounted camera, I could have caught her with her license plate in view!
Only thing to do is Get Out of the System!
Posted: 2014-02-02 @ 2:23pm PT
it is a shame and i feel sad that my yahoo mail is hacked into and a strange number keeps calling and leaving me notes to call back and has followed me to my goggle such that the moment i try to open my mail it is there waiting and reading
Posted: 2014-02-02 @ 2:17pm PT
Do people actually use their real names when creating a yahoo account?? LoL serves them right!!!
Posted: 2014-02-02 @ 12:07pm PT
Yahoo customer service is like the customer service from the cable companies, all lipstick and mascara with no substance. Yahoo certainly doesn't care about the safety of its customers' privacy.
Posted: 2014-02-02 @ 9:53am PT
This is what Yahoo said last year when their email was hacked. Yahoo have no idea how to protect people's email.
Posted: 2014-02-02 @ 6:32am PT
It has been a week since I haven't gotten any mail, my email got hacked too and I can't log on anymore, how do I get my account back?
Posted: 2014-01-31 @ 4:06pm PT
help I have been 3 days without my emails, how do I get my account back
Posted: 2014-01-31 @ 2:01pm PT
How can we get our accounts back ?