Yahoo announced on Thursday, January 30, 2014, that their security experts found a “coordinated effort to gain unauthorized access to Yahoo Mail accounts”. According to Yahoo’s post on Tumbler about this breach, “…the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”
Although they don’t state how many users were affected, Yahoo has already informed those users of the breach and is requiring them to reset their passwords through a new two-step verification process in order to secure their accounts again. You can see Yahoo’s full blog post on Tumbler about this security breach here.
So, what is the moral of this story? It’s simple, actually. Be sure to use different passwords for each of your online accounts, always use a secure password generator such as this one by Norton, and change your passwords periodically. Always using the same passwords on your online accounts and not ever changing them is asking to have your accounts hacked.