Yahoo says detected hacking attempt on email accounts

Thu Jan 30, 2014 7:16pm EST

The Yahoo logo is shown at the company's headquarters in Sunnyvale, California April 16, 2013. REUTERS/Robert Galbraith

The Yahoo logo is shown at the company's headquarters in Sunnyvale, California April 16, 2013.

Credit: Reuters/Robert Galbraith

Related Topics

(Reuters) - Yahoo Inc said it had detected a "coordinated effort" to gain unauthorized access to Yahoo Mail accounts using malicious computer software.

The company said on its official blog that it believed that the attackers were attempting to access the accounts using credentials that had been obtained from a breach of another company's user database. It did not identify that company.

People frequently use the same passwords on multiple accounts, so hackers attempt to use credentials stolen in one breach to break into multiple types of accounts.

"We have no evidence that they were obtained directly from Yahoo's systems," the company said on its blog.

A Yahoo spokeswoman declined to say how many accounts had been compromised or provide a detailed description, saying that it was the subject of an investigation by federal law enforcement.

The company said on its blog that it had prompted users to reset passwords to protect their accounts. (

(Reporting by Chandni Doulatramani in Bangalore and Jim Finkle in Boston; Editing by Ted Kerr and Jan Paschal)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see
Comments (6)
toonik_ph wrote:
Just heard about this.. great..

Jan 30, 2014 10:27pm EST  --  Report as abuse
D-M wrote:
Please Join the White House Petition: “Data Breach – Make it a punishable violation of Privacy Rights” at

Data breach is a violation of trust when Financial & Commercial entities fail to protect the account data and privacy of an individual and their family.

One’s personal data is extremely valuable and loss of such not only can be financially damaging but can bring repeated threats upon one’s identity for years that can propagate as family and friends also become the target.

It’s incomprehensible that information technology (a commodity), in use for so long, we’ve not enforced penalties on financial & commercial entities for loss of privacy and personal identity data as in the case of the HIPAA Privacy Act for example, under these Federal rules, failure to comply can bring stiff fines.

For more information on the Target Breach and how cyber crimes can impose long term identity threats visit

Jan 31, 2014 12:34pm EST  --  Report as abuse
1616 wrote:
Yahoo mail was non-functional for many users, including myself, for more than 48 hours. During that time there was no public announcement by Yahoo of the cyber-attack or resulting loss of service. Yahoo Customer Care did not respond to multiple text/email inquiries. Wait times on hotilines were several hours long. Yahoo mail users confirmed that problems were widespread on several tech blogs. The announcement by Yahoo admitting the problems came more than 24 hours after most Yahoo mail functionality was restored. This further delayed user responses to protect their own privacy.

Yahoo’s actions – or inaction – around this event demonstrates a very poor attitude toward its user/customer responsibilities. This corporate failure is as troubling an issue as the privacy breach.

Jan 31, 2014 12:42pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.