If you are an active Yahoo user with all you daily important mails heading over to your Yahoo mail service, here's a bit of news that might make you sit straight and take note. According to reports, Yahoo has detected an attempted and coordinated hack to infiltrate the company's popular mail service and is now asking users of affected accounts to reset their passwords to maintain privacy.
Revealed via the company's official blog, Yahoo states that a malicious computer software made use of a list of Yahoo Mail usernames and passwords in an attempt to get the names and email addresses from recently sent emails.
"We have no evidence that they were obtained directly from Yahoo's systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts," the company wrote.
"The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails."
While Yahoo is pretty confident that the list of usernames and passwords, which was used to carry on the attack, was probably collected from a third-party database and not from Yahoo's own system, the company has also laid down a set of things that it's doing to protect its users. Those are as follows:
"We are resetting passwords on impacted accounts and we are using second sign-in verification to allow users to re-secure their accounts. Impacted users will be prompted (if not, already) to change their password and may receive an email notification or an SMS text if they have added a mobile number to their account."
"We are working with federal law enforcement to find and prosecute the perpetrators responsible for this attack. We have implemented additional measures to block attacks against Yahoo's systems," it adds.
Apart from that, the company has stressed on how users should adopt better password practices by changing their account password regularly, assisted by different variations of symbols and characters.
"Using the same password on multiple sites or services makes users particularly vulnerable to these types of attacks," the official blog concludes.