
Researchers say Yahoo Mail exploit still active, despite claim of being fixed - Pr0
http://thenextweb.com/insider/2013/01/08/researchers-say-yahoo-mail-exploit-still-active-despite-claim-of-being-fixed/
======
jmathai
Having worked at Yahoo! and being directly involved with an instance of a few
million phished accounts I can only say that they take this stuff very
seriously. We had a team of 5 or 6 people working about 2 months to resolve
this issue.

When you're the size of Yahoo! it's not just a simple code push. The process
of letting users recover their accounts is very tricky.

Anyways, I have plenty of gripes about Yahoo! but how they deal with security
is not one of them.

------
Pr0
For reference, here is the previous discussion:
<http://news.ycombinator.com/item?id=5021841>

------
davvid
I received an email just yesterday from my sister saying that she clicked on a
link in an email and that her yahoo mail account had been compromised
("hacked" were her exact words).

I didn't actually believe her at first but now it all makes sense.

