Hackers posted online what they say is login information for more than 450,000 Yahoo users.
An anonymous group dumped the stolen passwords onto another web page. According to that site, the data was released as a wake-up call.
The note warned Yahoo to take a closer look at its current security coverage.
The breach impacted users of Yahoo Voices, an online publishing tool, but it could be much more widespread. Many people re-use passwords across the internet.
Yahoo apologized Thursday and urged users to change their passwords regularly. They said less than 5-percent of the breached accounts had valid passwords.