Mass hack attack on Yahoo Mail accounts prompts password reset

Yahoo said it is resetting passwords for some of its e-mail users after discovering a coordinated effort to compromise accounts.

Attackers behind the cracking campaign used usernames and passwords that were probably collected from a compromised database belonging to an unidentified third party, according to Jay Rossiter, Yahoo senior vice president of platforms and personalization products, who wrote an advisory published Thursday. A large percentage of people use the same password to protect multiple Internet accounts, a practice that allows attackers holding credentials taken from one site to compromise accounts on other sites. There’s no evidence the passwords used in the attack came from Yahoo Systems.

“Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts,” Rossiter wrote. “The information sought in the attack seems to be names and e-mail addresses from the affected accounts’ most recent sent e-mails.”

Read 3 remaining paragraphs | Comments

    



via Ars Technica http://ift.tt/1if7Gae

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s