Yahoo Security Notice December 14, 2016
Yahoo has identified data security issues concerning certain Yahoo user accounts. Yahoo has taken steps to secure user accounts and is working closely with law enforcement.
Below are FAQs containing details about these issues and steps users can take to help protect their accounts.
Law enforcement provided Yahoo in November 2016 with data files that a third party claimed was Yahoo user data. We analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data. Based on further analysis of this data by the forensic experts, we believe an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. Yahoo has not been able to identify the intrusion associated with this theft. We believe this incident is likely distinct from the incident we disclosed on September 22, 2016.
For further information and a complete description of the issue, please study the contents of the Yahoo help page.
And the Lucidview security advisory.
Our malware detection algorithm has marked Yahoo mail as likely containing malicious content.
This is confirmed by Google Safe Browsing, SiteAdvisor (McAfee) and ESET also blocking Yahoo Mail for possible malicious content.
“Attackers on this site might try to trick you to download software or steal your information (for example passwords, messages, or credit card information).”
“Caution. We tested this link and found it might send your personal information to people online who can use it to access your financial information, or steal your identity.”