Yahoo confirmed the security attack was likely a coordinated effort to illegally access Yahoo Mail accounts. The company took immediate action to make vulnerable users change their passwords.

Although the tech giant didn’t provide exact information on when the attack happened, its experts revealed that an investigation found out malicious computer software which used a list of usernames and passwords to access their mail accounts. The security experts admitted that the list of usernames and passwords used to execute the attack seemed to be collected from a 3rd-party database compromise. Thus far, there is no evidence the data was obtained directly from Yahoo’s systems.

The company announced that the attempted hack had taken place, where the attackers tried to get names and email addresses from users' sent emails. The hacker attack seems to be the latest embarrassment for the company, which used to be criticized after its tweets about the brief Gmail outage. By the way, Yahoo later apologized for its tweets, calling them “bad judgment”.

The tech giant claimed it was cooperating with federal law enforcement in order to find and prosecute the attackers. Yahoo also apologized to its users and said it regretted about the incident and wanted to assure the users that the security of their sensitive information is always taken very seriously.

The industry observers remind that earlier in 2014, Yahoo’s advertising server also suffered from a malware attack, reportedly affecting tens of thousands of users per hour. And a couple years ago, intruders managed to publish login data for over 450,000 Yahoo users online.