It seems lately that not a month goes by without another major hack taking place. Sometimes these instances are about sending a message — like when online activist group Anonymous hacked the U.S. Department of Justice website a year ago — but usually it’s just about grabbing as much data as possible, which was the case with October’s Adobe hack which compromised 2.9 million customer names, along with credit card info and passwords.
This time, the target of the cyber attack was Yahoo’s email service. The attack took place sometime around late Thursday night and resulted in the usernames and passwords of some users being compromised. It’s expected that this data will be used to gather personal information about the contacts of those affected by the attack.
Yahoo hasn’t yet said how many accounts have been affected, but it could be quite a few people since the company runs the second-largest email service in the world. In total, there are 273 million Yahoo accounts, with 81 million in the U.S.
The company did, however, confirm in a blog post that the hackers were seeking names and email addresses taken from “affected accounts’ most recent sent emails.”
In other words, it’s likely the hackers were looking for more email addresses to send spam or scam messages to. With those users’ real names on hand, they will likely be able to make more targeted, seemingly legitimate scamming attempts.
As for the breached accounts themselves, it’s possible they could lead to breaches of a more serious kind, such as banking or shopping sites. That’s because many people tend to reuse passwords between services, and many services allow people to use their emails as usernames.
Fortunately, Yahoo is resetting the passwords of affected accounts and has implemented measures that should block further attacks. In the meantime, those affected should look into changing their passwords on other sites.
Edited by Cassandra Tucker