Yahoo resets passwords after hacking attempts

Social

by CBR Staff Writer| 31 January 2014

Number of accounts hit by attacks still remains undisclosed.

Yahoo has detected a coordinated effort to illegally access its mail accounts, after which it is resetting passwords of all the effected accounts.

The internet company is working with federal law enforcement to investigate the issue and revealed that hackers collected lists of user names and passwords from a third-party database and used to execute the attack.

Yahoo Platforms and Personalisation Products SVP Jay Rossiter said that currently there is no evidence that they were obtained directly from Yahoo's systems.

"Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts," Rossiter said.

"The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails.

According to the company, currently second sign-in verification is being used to allow users to re-secure their accounts, while users will be notified to change their password via an email notification or an SMS text if a mobile number is added.

"In addition to adopting better password practices by changing your password regularly and using different variations of symbols and characters, users should never use the same password on multiple sites or services," Rossiter suggested.

"Using the same password on multiple sites or services makes users particularly vulnerable to these types of attacks."

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.