In an attack on May 16th on Yahoo Japan, user ID info for 22 million of its users was leaked. No passwords were stolen during the attack. The volume of traffic between the back end administration systems and the external internet was what gave the attack away. It estimates that a tenth of its 200 million members was involved. It was not certain that the data was taken, but told the AFP that "we can’t deny the possibility, given the volume of traffic".

As is often the case, Yahoo Japan told its members to change their passwords and promised to improve its security measures. Thought the user ID data is of limited use, it could be used in a phishing attack. Users could receive an email that is actually a phishing attack asking the user to change passwords and sending them via a link to a fake page where they could gain the users log in details.

Yahoo has a 50% market share, which is a collaboration between Japan's SoftBank and the US Yahoo.