AOL said its networks were breached and customer information was stolen to send spoofed spam messages. Hackers accessed personal information, including email addresses, and postal addresses, AOL said. The encrypted information has likely not been compromised yet it still strongly recommended that users change their passwords. A developer in the content management space, Brian Alvey, surmised AOL had been exploited. He surmises that there may not have been a security check like this in place, something that could allow an attacker to bypass security.
Source: https://threatpost.com/aol-investigating-breach-urges-users-to-change-passwords/105734/