Yahoo has confirmed that over 400,000 unencrypted Yahoo Voices passwords are at risk after a security breach on Wednesday (11th).
A hacker group calling itself D33Ds posted the passwords and a host of associated email addresses online after the hack.
Although Yahoo hasn’t been forthcoming with much in the way of detail, the hackers themselves claim to have used a Union-based SQL injection to steal the data, posting it online as a ‘wake-up call’.
Wake up and encrypt your passwords
Yesterday, a spokeswoman for Yahoo released a statements saying:
“We confirm that an older file from Yahoo! Contributor Network, previously Associated Content, containing approximately 450,000 Yahoo! and other company usernames and passwords was compromised yesterday, July 11,”
The hacked website was bought by Yahoo! in 2010 for the purpose of user generated content. It was formerly known as Associated Content before getting a Yahoo! re-brand.
Anna Brading, security consultant at Sophos said in a statement:
“First and foremost, if you use Yahoo Voices, change your password now. Unfortunately, the list of compromised websites just seems to keep growing, in little over a month we’ve seen breaches from Formspring, Last.fm, LinkedIn and eHarmony, proving just how important it is to make sure your passwords are unique and hard to guess for every website you use.”
Chris Petersen, CTO and co-founder of security specialist LogRhythm added:
“Passwords are of value when associated with an email account which is purported to be the case in the Yahoo breach. Because users often use the same password across different accounts, cyber criminals might be able to access other sites, company networks, and banking accounts if they can successfully map the compromised email address to the individual that owns it.”
The information that was hacked and subsequently leaked includes MySQL server variables, 453,492 email addresses and passwords (most from Yahoo.com but also from other public and non-public email providers) and names of database tables and columns.
Here’s some more articles you might like:
- Twitter suffers site-wide outage due to a ‘cascading bug’
- Learn how to secure a wireless network
- Anonymous attacks the Pirate Bay block, downs Virgin Media
- Spotify hacks Siri to bring voice control to iPhone app
Warning: Invalid argument supplied for foreach() in /var/sites/p/pluggedin.co.uk/public_html/wp-content/themes/magazeen/single.php on line 196