Yahoo Mail users, we have some bad news: It’s time to change your e-mail password.
In a company blog post Thursday night, Yahoo revealed that a number of users’ passwords and usernames were exposed to cyber-attackers who used malicious computer software to gain access to lists of Yahoo Mail credentials.
The information was likely collected from a third-party database, Jay Rossiter, Yahoo’s senior vice president of platforms and personalization products, wrote in the posting.
The company is resetting passwords on accounts that have been affected and is taking steps to allow users to re-secure their accounts. It is sending notification e-mails instructing those users to change their passwords; users may also receive a text message, if they’ve shared their phone number with the company.
It’s a song-and-dance that users may be tiring of, but it is important for Yahoo account holders who were swept up in the attack to change their passwords for immediately. They should also change their log-in credentials for any account that may share their Yahoo password, particularly if they use their Yahoo e-mail as their username. The same is true if you use a similar e-mail address as the username — it’s not a big leap for hackers to think that you may be both email@example.com and firstname.lastname@example.org.
Finally, everyone should also be on the lookout for spam, as the attack also appears to have picked up names and e-mail addresses for the most recent contacts from affected accounts, according to the company’s post.
If you get an odd e-mail from the Yahoo account of someone you know, ignore the message, and do not click on any links in the message. (It’s also be nice to let the person whose account has been hacked know about the fraudulent messages, so they can warn others to avoid the e-mails.)
Yahoo has apologized for the inconvenience and has said that it has taken “additional measures” to block attacks on its system. The company did not immediately respond to a request asking how many of its users were affected.
Yahoo is the world's second-largest e-mail provider, and has an estimated 273 million users, according to a report from the Associated Press.
Follow The Post’s new tech blog, The Switch, where technology and policy connect.