What to doOf course, if you have a Yahoo login that you use for any purpose (e.g., Yahoo email, Yahoo groups, Yahoo shopping, etc.), you need to navigate to Yahoo.com in your web browser and reset your password to a strong password. While you're at it, reset your security questions and answers and enable two-factor authentication using Yahoo Account Key.
See these Sophos tips for creating passwords. If you're really ambitious, you can take it one step further and use unique user names for the sites that hold your most sensitive data.
What not to doDo not use that same user name and password combination on any other sites.
What else?Be on the alert for phishing emails that exploit this "world's biggest hack" story. Scammers will try take advantage of situations like this by emailing users fake messages that are designed to steal your login credentials or banking information.
If you get any email related to the breach, just delete it. Don't reply to it, don't forward it, and don't click any links or open any attachments in the message.