Yahoo mail hacked: What to do if you’ve been affected

Video: Usernames and passwords of some of Yahoo's email customers have been stolen and used to gather personal information about people those Yahoo mail users have recently corresponded with, the company said.

Yahoo Mail users, we have some bad news: It’s time to change your e-mail password.

In a company blog post Thursday night, Yahoo revealed that a number of users’ passwords and usernames were exposed to cyber-attackers who used malicious computer software to gain access to lists of Yahoo Mail credentials.

More tech stories

China aims to purge Internet of porn, rumors

China aims to purge Internet of porn, rumors

Critics say the Communist Party’s “clean sky” campaign aims to silence grass-roots voices online and dissent.

The boss who’d put a tiki lounge by your desk

The boss who’d put a tiki lounge by your desk

A chief executive points to research showing that workers who have more fun are most productive.

The role of your gut in allergies

The role of your gut in allergies

Scientists are investigating how common bacteria in our bodies can contribute to allergies.

The information was likely collected from a third-party database, Jay Rossiter, Yahoo’s senior vice president of platforms and personalization products, wrote in the posting.

The company is resetting passwords on accounts that have been affected and is taking steps to allow users to re-secure their accounts. It is sending notification e-mails instructing those users to change their passwords; users may also receive a text message, if they’ve shared their phone number with the company.

It’s a song-and-dance that users may be tiring of, but it is important for Yahoo account holders who were swept up in the attack to change their passwords for immediately. They should also change their log-in credentials for any account that may share their Yahoo password, particularly if they use their Yahoo e-mail as their username. The same is true if you use a similar e-mail address as the username — it’s not a big leap for hackers to think that you may be both jdoe@yahoo.com and jdoe@gmail.com.

Finally, everyone should also be on the lookout for spam, as the attack also appears to have picked up names and e-mail addresses for the most recent contacts from affected accounts, according to the company’s post.

If you get an odd e-mail from the Yahoo account of someone you know, ignore the message, and do not click on any links in the message. (It’s also be nice to let the person whose account has been hacked know about the fraudulent messages, so they can warn others to avoid the e-mails.)

Yahoo has apologized for the inconvenience and has said that it has taken “additional measures” to block attacks on its system. The company did not immediately respond to a request asking how many of its users were affected.

Yahoo is the world's second-largest e-mail provider, and has an estimated 273 million users, according to a report from the Associated Press.

 
Read what others are saying