If you are still able to get into your mail, go there right away, and change your password.
If you can no longer get into your account, you need to contact Yahoo here and send a mail describing your problem to account-security:
If this doesn't help, call Yahoo: 1-408-349-1572
and then explain to customer service what happened. They will ask you to do certain things and then they compare your original informatio with the changed information. You should get your account back and all your information within 24 hours.
You should also try to figure out how they got your password. If you really don't think you slipped it to anyone, you may have a keylogger on your computer. A keylogger is a malware program that tracks and transmits what keys you press, and that is how they get your passwords. If you think you may have a keylogger, I'll tell you how to get rid of it, but first go to a clean machine, and go change any banking passwords you may have which may be compromised and any other email addresses (including the Yahoo...don't change it from the compromised computer if you think it may have a keylogger on it)
You should run numerous scans to make certain your computer is clean before entering new passwords. First, run a program called malewarebytes. You can get it here: http://www.malwarebytes.org/mbam.php
Download it, install it, update it with latest definitions, and then scan your operating system drive (if you have other hard drives you can scan the rest later, first clean the OS drive)
Then run an online scan with Trend Micro's Housecall program. (I don't know how it does with keyloggers, but it's great at detecting rootkits so I always recommend this) You can do this here: http://housecall.trendmicro.com/
When you open a browser to run an online scan, do it like this: right click on the IE icon, and select run as administrator. This will avoid security issues with your other antivirus software.
After you are certain your computer is clean, pick new, great, passwords. Passwords are more important that people give them time for. Here is how to pick a great password that you can also remember: http://www.wikihow.com/Choose-a-Secure-Password
(these are not all great, but I like #6 and #7...)
Another good password article: http://www.uxbooth.com/blog/password-usability/
If you need something better you can google it. I myself have one password for all my "nothing" websites...sites I shop on, or sites that just have information and stuff, nothing that's really personal information or I don't have a profile or banking information (or debit card information) on...I have different unique ones for banking sites and email sites (if they get your email password, theoretically they can get any password, right?)
So anyway, that's a lot of information. If this post has helped you, please remember to vote for it...if you need more help, just ask in the add comment section.