Yahoo on Thursday said it reset passwords on many Yahoo Mail accounts after identifying “a coordinated effort” to gain unauthorized access.
It said usernames and passwords of its email customers were used to access accounts. It did not say how many accounts were affected.
“The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails,” the company said in a blog post.
Yahoo says it believes the usernames and passwords weren’t collected from its own systems, but from a third-party database.
The company says it is resetting passwords on affected accounts and has “implemented additional measures” to block further attacks.
The company would not comment beyond the information in its blog post. It says it is working with federal law enforcement.
The blog post also reminds users on best practices: Change passwords regularly, use strong variations on numbers and symbols and vary passwords across websites and services.
Yahoo has security teams focused on hacking attempts as the tech giant was breached multiple times in 2012. The most visible: a website hack in which 450,000 Yahoo user accounts were accessed. The company subsequently began using more secure HTTPS web address. But the hacking attempts haven’t stopped.