Yahoo has revealed that some Yahoo Mail accounts have been accessed using stolen passwords in an organized effort from unknown sources.
According to the blog post by Jay Rossiter, SVP, Platforms and Personalization Products, the passwords to the accounts were obtained from a compromised third party database, as the company has not detected any unusual activity on their end. As a safety measure, Yahoo has reset the passwords for the affected accounts and will be guiding the users to regain access to their mail.
In addition to resetting the passwords, Yahoo will be implementing a two-step verification for additional security on the affected accounts using either an email notification to an alternate address or through SMS on the user's mobile. The company is reportedly working with law enforcement agencies to take action once the sources have been identified.
It was reported recently that over 2 million user accounts and passwords from sites such as Yahoo, Facebook, Twitter, LinkedIn and others were exposed by botnets and malware-infected PCs.
Source: Yahoo Blog | Image via TheBoxHouston