Hacked

Yahoo! Mail was hacked, not just once, but twice, over three years ago. However, Yahoo! was not forthcoming about the incidents until late last year. Hackers stole passwords, user account information, e-mail, and answers to security questions. Receiving a phishing e-mail with a spoofed address just a few days ago indicates that the hackers are actively seeking to gain access to user accounts that could reap big payoffs.

Enabling 2-factor authentication now is moot. The hackers have already stolen relevant information that could facilitate access to other accounts, particularly on-line banking. What's worse is that the perpetrators have had over three years to operate in stealth. What kind of shit is that?

Addendum: 2-factor authentication is a real pain the ass. Code is sent via SMS messaging and is used to enter site in addition to password.