I concur with "Kitty...": nothing is out of the equation.
Hijacked documents, if forwarded to a mothership, can be automatically scanned for known patterns of numbers, such as Credit Cards; phone numbers; and so on.
They do not have to be examined by a person: it's automatic. This is what computers do.
For the future you should know that Yahoo mail is notorious for being hijacked, and it should only be used for casual comm's.
Specifically, the only time Yahoo uses SSL (encryption) is during the "log-in" phase; once logged in, subsequent Yahoo services (like mail) are done using normal channels (http). If you ever use an un-encrypted WiFi for that, then the 'session authentication cookie' is being re-sent by you and can be easily copied ("sniffed") by anyone within range. That is then used to log in as you, and of course they then have full access to all your Yahoo account particulars.
There are other techniques to penetrate your system, or sniff traffic, but it's just another example of why you must become a security expert to use these things over the Internet.
And it's another instance of the importance to have singular and complex password for each account created on the 'Net. If a single password can be slurped or guessed, then it's tried across multiple instances of the more popular websites, like Facebook, Yahoo, Google, and so on; and those who use one password for everything get compromised.
Use a full time encrypted mail service (Hushmail for instance) for sending delicate information to reduce the attack threat.
And lastly, for the utmost security, use Linux and be done with the Windows threats whenever using the 'Net, especially for those high value comm's.
ADDED: here's something (today's news) to chew on: "Hackers Publish Over 450,000 Emails and Passwords Allegedly Stolen From Yahoo; https://www.pcworld.com/businesscenter/article/259135/hackers_publish_over_450000_emails_and_passwords_allegedly_stolen_from_yahoo.html