Millions of Yahoo accounts pop up for sale on the dark web

A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture.

A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture.  (REUTERS/Kacper Pempel/Files)

Yahoo is investigating a potential security breach, after 200 million Yahoo user accounts reportedly showed up for sale on the dark web.

A hacker linked to breaches of LinkedIn and MySpace databases posted the Yahoo information on a marketplace called The Real Deal, Motherboard reported Monday.

It's unclear if the Yahoo login credentials came from a stolen company database or were obtained though some other hacking method. A Yahoo spokesperson told Motherboard that the company was aware of the credentials being stolen online, but did not confirm whether Yahoo itself was hacked.

The company said that it was still investigating the potential security breach, according an article BBC News published Tuesday. A spokesperson did not immediately respond to PCMag's request for comment.

Many of the accounts appear to be disabled or otherwise inactive. Motherboard attempted to contact more than 100 email addresses from the database, and many of its queries came back as "undeliverable." The hacker who posted the data told Motherboard that the addresses were most likely from 2012.

This is not Yahoo's first security issue. In 2012, a breach exposed 453,000 passwords, while a 2014 breach involved what the company described as a "coordinated effort" to gain access to Yahoo email accounts. In May, the US House of Representatives blocked Yahoo access on its network over concerns that it was a target for hackers.

Yahoo sought to reassure its customers on Tuesday, telling BBC News that it "works hard to keep our users safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms."

This article originally appeared on