Yahoo! detects mass hack attempt on its email service

31 Jan 2014

A mass hacking attempt on Yahoo! Mail users was undertaken last night and in response the company has reset affected users’ passwords.

In an announcement on Tumblr, Yahoo! is still unsure of who co-ordinated the attack but it recognised an increasing frequency in attacks and decided to act.

However, the company believes that the mass hack did not come about after a leak of customer details directly from them but through another means.

“Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise,” the statement said. “We have no evidence that they were obtained directly from Yahoo!’s systems.

“Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo! Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”

It hasn’t been made clear how many users’ passwords have been affected, but given the scale of the response it can only be presumed that it will be in the thousands.

It’s a case of ‘those in glass houses’ as it comes only a week after Yahoo! was forced to apologise after it posted a message on its official Twitter account mocking Google for an outage to its Gmail service.

Yahoo! subsequently apologised for what it called a ‘bad judgement’ on its part.

Colm Gorey was a senior journalist with Silicon Republic