Yahoo: Malware Prompts Password Reset

Yahoo is advising an undisclosed number of users to reset their passwords following a malware attack that led to unauthorized access to Yahoo Mail accounts.

See Also: The Power and Scale of XDR

"Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise," says Jay Rossiter, senior vice president, platforms and personalization products, in a post to the company's blog. "We have no evidence that they were obtained directly from Yahoo's systems," he says.

The investigation shows that malware used the list of usernames and passwords to access Yahoo Mail accounts, the company says.

"The information sought in the attack seems to be names and e-mail addresses from the affected accounts' most recent sent e-mails," Rossiter says.

As a result of the attack, Yahoo is working with users to reset passwords on affected accounts and is offering a second sign-in verification to allow users to secure their accounts. The company is also cooperating with federal law enforcement on an investigation.

The company did not immediately respond to a request for more information about the incident.

Past Incidents

Earlier in January, malicious advertisements served on Yahoo may have compromised thousands of European users' devices with malware, says security vendor Fox-IT, which discovered the exploit (see: Europeans Hit by Malicious Ads on Yahoo).

The company also was struck by a hacktivist attack in July 2012. A hacking group calling itself D33Ds Company posted more than 400,000 Yahoo usernames and passwords online (see: 400,000 Yahoo! Passwords Hacked). Yahoo confirmed that an older file from the Yahoo Contributor Network, previously Associated Content, containing approximately 400,000 Yahoo and other company usernames and passwords, was stolen on July 11. "Of those, less than 5 percent of the Yahoo accounts had valid passwords," the statement notes.