When it comes to major email service providers, Yahoo stands out as a company which often runs into security hazards. The company has now revealed that the usernames and passwords of an unknown number of Yahoo Mail users have been stolen and are being used to hack into their accounts.
Yahoo is apparently clueless as to how the hackers were able to gain access to this data. The company has assured that its own servers haven’t been breached and are safe, and hints that the leak may have come from a third party database.
According to Yahoo’s official statement, “We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”
As happens in the damage-control phase of all such cyber attacks, Yahoo has started resetting passwords and enabling two-step verification on the affected accounts. Two-step verification ensures that if your account is among the compromised, no one would be able to log into it unless you enter the PIN that is sent to your handset through an SMS from Yahoo.
In the past, Yahoo Mail’s security has been compromised numerous times. It is about time that the company took it more seriously and spent more resources on ensuring that the credentials of Yahoo users don’t frequently end up in the hands of the hackers.
Source: The Hacker News