Yahoo confirmed 400,000 user names from one of its services were hacked Thursday.
The company said that although the breached accounts include user names from Yahoo and other companies, only 5% of the accounts had valid passwords.
Yahoo said it is working to fix the vulnerability and is changing the passwords of the affected users. The company also said it is notifying other companies whose users may have been affected -- earlier we reported that they may include people who use AOL, Gmail, Hotmail and many others.
The hack happened Wednesday, according to Yahoo, which also said it was an older file for Yahoo! Contributor Network that was breached.