updated 07:01 pm EST, Thu January 30, 2014
Affected users notified by e-mail, SMS to change password
Yahoo email users seem to be the most recent victim of mass data theft. The search engine, in a security update posted today, claims to have "identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts." The company then took action on behalf of its users, prompting them to reset passwords on the breached accounts.
So far, Yahoo's investigation has concluded that the the list of usernames and passwords stolen in the attack were harvested from a third party with access to Yahoo credentials. The company believes that "the information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails."
Yahoo has declined our efforts to identify the quantity of accounts impacted by the attack. Federal law enforcement has been notified of the attack, and Yahoo has "implemented additional measures to block attacks against Yahoo's systems."