Yahoo! has finally confirmed that data comprising 400,000+ email IDs and passwords was indeed taken from its servers. In a detailed note, Yahoo! revealed that an “older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday, July 11.” Yahoo! went on to confirm that, of all the email IDs and passwords compromised, less than five percent of the Yahoo! accounts had valid passwords. The company says in the note that it is fixing the loophole that led to the breach and changing the passwords of the affected accounts. It is also informing companies whose user accounts may have been affected by the breach. Yahoo! has also advised its users to change their passwords regularly and to familiarize themselves with the online safety tips at security.yahoo.com.
Apologizes for the data breach
Hackers belonging to a collective called D33Ds Company recently retrieved and then dumped, in plain text, the login details of 400,000+ user accounts. The most worrying part is that the stored passwords were completely unencrypted. It has emerged that the hackers used a union-based SQL injection attack to extract the information stored in the database. A note at the end of the dump reads, “We hope that the parties responsible for managing the security of this sub-domain will take this as a wake-up call and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The sub-domain and vulnerable parameters have not been posted to avoid further damage.”
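The two failures reported above, a query open to union-based SQL injection and passwords stored in plain text, are shown here next to their fixes. This is an added example, not Yahoo!'s code or schema; the table names, the sample account and the choice of PBKDF2 as the password hash are assumptions.

```python
import hashlib, hmac, os, sqlite3

# Constructed input shaped like a union-based injection against the toy schema below.
UNION_INPUT = "0 UNION SELECT email, secret FROM users"

def store_password(password: str) -> str:
    """Return 'salt$digest' (hex) using PBKDF2-HMAC-SHA256 with a per-user salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
    return salt.hex() + "$" + digest.hex()

def verify_password(stored: str, candidate: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode(),
                                 bytes.fromhex(salt_hex), 600_000)
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))

def make_db(plaintext: bool) -> sqlite3.Connection:
    """Build a constructed in-memory database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER, title TEXT)")
    db.execute("CREATE TABLE users (email TEXT, secret TEXT)")
    db.execute("INSERT INTO articles VALUES (1, 'Hello')")
    secret = "hunter2" if plaintext else store_password("hunter2")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice@example.com", secret))
    return db

def lookup_concat(db: sqlite3.Connection, article_id: str) -> list:
    # Vulnerable pattern: the caller's input becomes part of the SQL text,
    # so a UNION clause in it is executed as a second SELECT.
    sql = "SELECT id, title FROM articles WHERE id = " + article_id
    return db.execute(sql).fetchall()

def lookup_param(db: sqlite3.Connection, article_id: str) -> list:
    # Hardened pattern: the input is bound as a value and never parsed as SQL.
    sql = "SELECT id, title FROM articles WHERE id = ?"
    return db.execute(sql, (article_id,)).fetchall()

if __name__ == "__main__":
    weak = make_db(plaintext=True)
    print("concatenated query:", lookup_concat(weak, UNION_INPUT))
    print("parameterized query:", lookup_param(weak, UNION_INPUT))
    hardened = make_db(plaintext=False)
    print("stored secret:", hardened.execute("SELECT secret FROM users").fetchone()[0])
```

Parameter binding closes the injection path, and hashing limits what a dump reveals if some other path is found; the two controls are independent and both are needed.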
A post on TrustedSec about the incident read, “The passwords contained a wide variety of e-mail addresses including those from yahoo.com, gmail.com, aol.com, and much more.” Interestingly, the post adds that the affected website is a sub-domain of yahoo.com, and that the compromised server may be Yahoo! Voice, a.k.a. Associated Content. “The affected website was only named as a sub-domain of yahoo.com. However, digging through and searching for the hostname, the attacker forgot to remove the hostname ‘dbb1.ac.bf1.yahoo.com’ (credit to Mubix for the hostname find),” TrustedSec wrote.
Security breaches, such as this one or the LinkedIn database leak, are emerging as a worrying trend. LinkedIn recently suffered a data breach in which the passwords of some of the social network’s members were compromised. At the time of the incident, LinkedIn engineer Vicente Silveira confirmed on the website’s blog that some passwords were “compromised”. “We are continuing to investigate this situation,” he said.