Yahoo Loses 453,000 User Passwords to Hackers
July 12, 2012 4:45 PM
comment(s) - last by
Hackers say data was posted as a warning
) all over again!
Hackers with "D33ds Company" have posted 453,000 passwords from Yahoo! Inc.'s (
) Voices -- a part of its news service. Bafflingly, Yahoo administrators apparently opted for no encryption of the passwords, storing them in plain-text.
Hackers scooped up the passwords using
The hackers write on their text dump:
We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly.
They were at least kind enough not to publish details of how the penetrated Yahoo's servers.
Some of the 453,000 compromised accounts. [Image Source: TrustedSec]
Yahoo insists that it's not that big a deal, saying that only 5 percent of the user passwords would pass as valid passwords on its other sites, hence most users day-to-day passswords were likely not compromised.
It does apologize, though, for the inconvenience,
At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised.
Multiple military and government email addresses were found among the users with leaked passwords.
This article is over a month old, voting and posting comments is disabled
RE: was I on the list ...
7/13/2012 12:46:48 PM
The link was still there when I checked it this morning at 2 AM. It was on a redirect with a tarball text file.
I checked to see if I was on it which I thankfully was not. In either case, I'm not sure if these emails are the primary yahoo account one's that you use everywhere, but only one very specific subset of their services.
“So far we have not seen a single Android device that does not infringe on our patents." -- Microsoft General Counsel Brad Smith
Nokia is the Victim of SQL Injection, Loses Developer Records
August 29, 2011, 8:37 AM
LulzSec Strikes Again, 1M Sony Pictures User Accounts Compromised
June 2, 2011, 6:27 PM
Dutch Gov. to Google: Don't Spy on Us
December 2, 2013, 1:21 PM
Quick Note: Amazon to Use Unmanned Drones for 30 Minute Package Deliveries
December 2, 2013, 11:51 AM
Quick Note: Wi-Fi Hack Prompts European Parliament to Eliminate Access
November 29, 2013, 11:05 AM
NYT: NSA May Have Spied on Google, Yahoo Data Centers Via Fiber-Optic Cables
November 26, 2013, 3:35 PM
Quick Note: Intel Wants to Sell OnCue Internet TV Service for $500M
November 26, 2013, 12:40 PM
Facebook CEO Says Government "Blew It" with NSA Spying
November 25, 2013, 11:23 AM
Most Popular Articles
NSA Snares Americans' Porn Viewing Histories in Effort to Target Muslims
December 1, 2013, 9:00 PM
Coalition of 20+ Tech Firms Backs MRAM as Potential DRAM, NAND Replacement
November 29, 2013, 11:59 PM
Fed Up With Cheating OEMs, Microsoft Trolls Chromebooks in New Ad
November 27, 2013, 4:09 PM
Xbox? PCs? Mobile? Microsoft Wants One Windows to Rule Them All
November 25, 2013, 8:21 PM
Seattle Restaurant Bans Google Glass, Tells Wearers to "Just shut up and get out"
November 27, 2013, 10:27 AM
Latest Blog Posts
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
Is The Period Becoming an Expression of Anger?
Nov 26, 2013, 2:02 PM
NSA and Congress -- You Will Never Kill the Constitution, It's an Idea
Nov 10, 2013, 2:00 PM
AT&T Explores $100B+ USD Deal to Acquire Vodafone's European Operations
Nov 4, 2013, 7:34 AM
U.S. Army Developing Cyber, Electronic War Arsenal
Oct 31, 2013, 4:49 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information