“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,” the hackers said. “There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly.”
This group claims to have hacked into the database by exploiting an SQL injection vulnerability found on a Yahoo subdomain. These credentials don't only include yahoo.com email addresses, but also those from other public and private email providers, like GMAIL, HOTMAIL and AOL.
What can you do? Change your passwords as soon as possible, and read more at Macworld, here:
and CNET here: