450,000 Yahoo passwords just got hacked; find out if you might be affected

13 Jul

11111111111111111111yahoo-building

Security firm TrustedSec has found that more than 450,000 passwords have been exposed after a successfulhack into Yahoo’s Voices website, the Guardian reports. Voices, formerly known as Associated Content before being purchased by Yahoo in 2010, is a news and analysis site that relies on user-generated content. The big problem with this particular hack, the Guardian says, is that “the passwords for the accounts were not encrypted — meaning that any hacker could scoop up the emails and immediately start using them against other services, including Yahoo Mail.” TrustedSec says the hack was executed using SQL injection attacks that are commonly used to hack into databases, and security expert Anders Nilsson has an analysis of the data that is linked below.

Update: Yahoo confirmed the breach and provided the following statement to TechCrunch:At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday,July 11.  Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised.  We apologize to affected users.  We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.

 

http://www.guardian.co.uk/technology/2012/jul/12/yahoo-voice-hack-attack-passwords-stolen

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: