January 31, 2014
Yahoo Mail Hacked Again, Prompting Large-Scale Password Resets
Enid Burns for redOrbit.com - Your Universe Online
Yahoo just rejoined the ranks of companies that have been compromised by hackers. The company said its Yahoo Mail servers were hacked, and sent a notice to users advising that passwords be changed.
Yahoo has been through this before with its Yahoo Mail users. However, after a holiday shopping season where a number of retail accounts were compromised by hackers who gained access to credit card information from hundreds of millions of consumers, many of those consumers have been left a bit raw from the experience.
In response to discovering the attacks, Yahoo issued a security update for Yahoo Mail users. It appears that Yahoo is hiding behind recent events. The security notice starts with: "Security attacks are unfortunately becoming a more regular occurrence." The communication does go on to offer some details on what happened, what data were accessed, and what Yahoo is doing in response to the attacks.
"Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts," the memo said.
The breach occurred when a list of usernames and passwords was used to execute an attack. Yahoo believes the list was collected from a third-party database compromise. The online service provider said there is no evidence that the data were obtained directly from Yahoo's systems. An ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The attack appeared to target names and email addresses from affected accounts.
While Yahoo is directing its mail users to reset their passwords, the company has actually reset the passwords on affected accounts, Ars Technica reports. Second sign-in verification is also being required from administrators. Users may also receive email notification or a text message for accounts that have a mobile phone number associated with the contact information.
Yahoo did not disclose how many accounts were compromised, though it is taking action on the accounts it identified in the attacks and advising all users to reset their passwords. According to comScore data, Yahoo is the second-largest email service worldwide after Google's Gmail, the Washington Post reports. While it is not known how many accounts were affected, there are 273 million Yahoo Mail accounts worldwide, and 81 million in the US.
Cyber attacks have become more common, with email accounts, retailers and other online companies becoming compromised and exposing customer information.
"It's an old trend, but it's much more exaggerated now because the programs the bad guys use are much more sophisticated now," Gartner security analyst Avivah Litan told the Washington Post. "We're clearly under attack."
It is suspected that the hackers were accessing accounts to harvest additional names and email addresses from user inboxes in order to send spam or scam messages. The hackers may also have been planning a social engineering approach, using Yahoo user names to spam addresses in those users' contact lists or inboxes so that messages appear more legitimate to recipients, the Washington Post reports.
While spam may have been a goal, the access to accounts that the hackers gained could leave users more vulnerable, exposing their banking and financial information.