Yahoo Mail resets passwords following hack
NEW YORK – Yahoo said it is resetting passwords for some of its e-mail users after discovering a coordinated effort to compromise accounts.
Attackers behind the cracking campaign used usernames and passwords that were probably collected from a compromised database belonging to an unidentified third party, according to Yahoo senior vice president Jay Rossiter.
A large percentage of people use the same password to protect multiple Internet accounts, a practice that allows attackers holding credentials taken from one site to compromise accounts on other sites.
There's no evidence the passwords used in the attack came from Yahoo Systems.
"Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts," Rossiter said.