News & Commentary

11:02 AM
Matthew Schwartz
Matthew Schwartz

Yahoo Mail Passwords: Act Now

Yahoo suffers hack attack, eyes third-party database and reused credentials as likely culprits, may enforce two-factor authentication to help users recover accounts.

Yahoo said it reset passwords for an unspecified number of accounts after detecting an unfolding hack-attack campaign.

"Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts," said Jay Rossiter, who's in charge of Yahoo's platforms and personalization products, in an "important security update for Yahoo Mail users" blog post. Some related notifications, however, have yet to be made.

To help users recover their accounts, Yahoo said it may force users to employ second sign-in verification -- its version of two-factor authentication -- which sends a six-digit code via SMS to a user's registered mobile phone number, provided they have one on file.

[Read the rest of this article on InformationWeek]

Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.