Oh dear Yahoo. Are you really this careless and forgetful?
Or were you burying bad (and highly market sensitive) news, in the hope of a knight in shining armour coming along and buying your worthless business? Either way, it is clear that the security & welfare of your customers is of absolutely no concern to you. At least tell them promptly - people inevitably use the same password everywhere. Hackers know that and will be trying your list on other web sites, with a probable success rate of about 25%.
"State-sponsored hackers"? Pull the other one... It was probably just bored script kiddie. Seems like Yahoo's security is run by the very same people who rejected Microsoft's vastly over-inflated $45 Billion offer in 2008.
Lets all have a go at hacking them - I bet the admin password is 'magicbeans'. :rolleyes: