Hackers claim to have breached Yahoo's security, posting the alleged login details of over 450,000 users.
The attack reportedly targeted the company's Yahoo Voices platform with a union-based SQL injection technique - a form of attack that tries to trick a SQL database to run a string containing malicious code.
The hackers posted over 453,000 alleged login credentials to the D33D Company website as proof of the breach, claiming the attack was intended to be a wake up call for Yahoo.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," the group said.
"There have been many security holes exploited in webservers belonging to Yahoo that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage."
Yahoo told V3 that it was investigating the hackers' post and encouraged users to change passwords regularly.
"At Yahoo we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We are currently investigating the claims of a compromise of Yahoo user IDs," said a Yahoo spokesman.
"We encourage users to change their passwords on a regular basis and also familiarise themselves with our online safety tips at security.yahoo.com."
Prior to the hackers post, question and answer site Formspring confirmed it had disabled its users passwords after around 420,000 hashed passwords claiming to belong to the site were posted to a security forum.
Microsoft claims Check Point's methodology is all wrong - figure more like five million, not 250 million
Microsoft's explanation still raises as many questions as it answers
Wikileaks dumps info on 'Brutal Kangeroo', the CIA's malware toolkit for hacking 'air-gapped' networks
CIA's Brutal Kangeroo malware suite likened to Stuxnet
Commuters less than chuffed - many fined for not having a ticket