Yahoo! users may want to change their account passwords following a public breach of more than 450,000 users’ details from one of Yahoo!’s databases late last night.
According to a count by DataLossDB, the collection of leaked email addresses includes 136,000 Yahoo! mail addresses, 106,000 Gmail addresses, and 54,000 Hotmail addresses. Users whose passwords are the same across multiple services may be especially vulnerable.
Hackers calling themselves the D33Ds Company published the list of unencrypted emails and passwords on the Web with a message explaining that they’d been taken from an unnamed Yahoo! service using a SQL injection vulnerability — a technique that can sneak commands into a website’s input fields to trick it into coughing up data from a back-end database.
D33Ds Company claimed in its note that the hack was intended to warn Yahoo! about similar vulnerabilities in its sites – a dubious notion given the potentially massive privacy violation their public hack represents.
Complete, original article posted at: http://www.forbes.com/sites/andygreenberg/2012/07/12/hackers-spill-more-than-450000-email-addresses-and-passwords-blame-a-yahoo-database-vulnerability/
Leave a Reply
You must be logged in to post a comment.