Hackers have stolen the login names of 22 million Yahoo users in Japan, prompting the internet search giant to urge people to change their passwords immediately.
The company said the details were contained in a file that may have been stolen during an attack on its systems, which was picked up by Yahoo on 16 May.
"We don't know if the file (of 22 million user IDs) was leaked or not, but we can't deny the possibility given the volume of traffic between our server and external [terminals]," said the company in a statement to AFP.
However, the company has been quick to stress that no information that would allow the hackers to seize control of users' accounts was pilfered during attack.
Even so, the company is urging users to change their passwords as a precautionary measure.
According to reports, Yahoo Japan has around 200 million members, which means the attack could have affected around 10 per cent of the country's total user base.
Ross Brewer, managing director and vice president for international markets at security vendor LogRhythm, said Yahoo should be commended for coming clean about the attack.
"[Yahoo] should also be commended for providing its members with actionable advice on how to stop hackers from compromising their individual accounts," said Brewer.
"However, in the aftermath of any breach, it's also absolutely vital to investigate how the attackers managed to get in, and then use this intelligence to beef up security defences in the future."
