The hackers then used those login details to forward all mail coming into the account to a third party, or in some cases gathered information about contacts to use in other phishing scams.
Yahoo Mail, the largest in the U.S., only uses "https" during login and when users are manipulating settings in order to prevent usernames and passwords from being easily snatched by nearby hackers.