Very interesting and eye-opening article. I actually remember a couple of years ago having a close call like that w/ my yahoo account one time.
Unfortunately, for those dunces whomever got my info for spamming didn't realize 1) how frequently I use that email (it's one of my longtime primary ones) 2) they screwed w/ a tech-savvy user that already had measures in place for Yahoo to notify of suspicious activity and 3) that even if all of that wasn't the case, in contacts I actually had my work email in there (I forwarded some docs to it once) so when they tried to get on that spam-a-thon trip the idiots actually sent an email to me from 'me'.....insta-red flag for me, lol.
Once I noticed all those things together, I instantly changed my password and since this was right around the time Yahoo started adopting multi-layer of verification process (gmail had already had it at that point & I had it put that account), I double whammy them w/ that, too. Haven't really had a problem since.