The company said it was working with federal
authorities to investigate the attack, in which hackers obtained
email addresses, postal addresses, encrypted passwords and
answers to security questions used to reset passwords.
It said there was no indication that the encryption on that data
had been broken.
A company spokesman declined to say how many email accounts are
registered on its system.
AOL said that it identified the breach after noticing a
"significant" increase in the amount of spam appearing as
spoofed emails from AOL addresses. Such emails do not originate
from a sender's service provider, but their addresses are edited
to make them appear that way.
(Reporting by Jim Finkle; editing by Richard Valdmanis and
[© 2014 Thomson Reuters. All rights
Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.