Welcome, Guest! - or
Easy to remember!  »  VinNews.com

London - Yahoo Investigating Reported Mass Password Breach

Published on: July 12, 2012 09:23 AM
By: AP
Change text size Text Size  
Bookmark and Share
The European headquarters of US multinational internet corporation 'Yahoo!' in Rolle, Switzerland, 04 April 2012.The European headquarters of US multinational internet corporation 'Yahoo!' in Rolle, Switzerland, 04 April 2012.

London - Some 450,000 Yahoo users’ email addresses and passwords have been leaked because of a security breach, the company confirmed Thursday, adding that just a small fraction of the stolen passwords were valid.

The company said in a statement that an “old file” from the Yahoo Contributor Network was compromised Wednesday. Among the stolen emails and passwords were many from Yahoo’s own email service along with those of other companies. The Yahoo Contributor Network is a content-sharing platform.

Yahoo said it is fixing the vulnerability that led to the disclosure, changing the passwords of affected Yahoo users, and notifying other companies whose users’ accounts may have been compromised.

“We apologize to all affected users,” the company statement said.

Advertisement:

Technology news websites including CNET, Ars Technica, and Mashable identified the hackers behind the attack as a little-known outfit calling itself the D33D Company. The group was quoted as saying it had stolen the unencrypted passwords using an SQL injection — the name given to a commonly used attack in which hackers use rogue commands to extract data from vulnerable websites.

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call,” the group was quoted as saying.

Online security experts said Yahoo might have done more to protect the stored passwords, with Ohio-based TrustedSec describing the Internet giant’s decision not to encrypt them as “most alarming.”

Nevertheless, the haul does not appear as useful to hackers as they might have thought. Yahoo cautioned that only 5 percent of passwords associated with its account holders were valid.

It was not immediately possible to contact the Ukraine-registered website associated with D33D Company. Its contact form was inoperable Thursday, while an email address and a phone number attributed to the site’s registrant appeared to be invalid.


More of today's headlines

Jerusalem - Israel's vice premier is pessimistic about finding a formula to obligate ultra-Orthodox Jews to serve in the military before a court-determined Aug. 1... New York - Consolidated Edison Inc.'s largest union has asked the New York State commission that regulates the company to end the lockout of thousands of field...

 

You can now automatically hide comments - New!

Don't worry, you can always display comments when you need to.

Total7

Read Comments (7)  —  Post Yours »

1

 Jul 12, 2012 at 09:28 AM proudjewboy Says:

anyone still using yahoo?

2

 Jul 12, 2012 at 11:28 AM MTL Says:

Reply to #1  
proudjewboy Says:

anyone still using yahoo?

I had Yahoo for years with no problem. After being hacked 4 times within a month and a half and changing my password each time to complicated ones, I finally changed to Gmail & closed my Yahoo account....

3

 Jul 12, 2012 at 11:49 AM PowerUp Says:

Anybody know how I can transfer all emails in my yahoo account to Gmail? I have a lot of folders, and also a business domain attached to the main account.

4

 Jul 12, 2012 at 11:54 AM ProminantLawyer Says:

Reply to #2  
MTL Says:

I had Yahoo for years with no problem. After being hacked 4 times within a month and a half and changing my password each time to complicated ones, I finally changed to Gmail & closed my Yahoo account....

And I will bet my last million that you didnt know that with GMAIL you can get a verification code which is a DOUBLE protection against infiltation.

5

 Jul 12, 2012 at 12:39 PM MTL Says:

Reply to #3  
PowerUp Says:

Anybody know how I can transfer all emails in my yahoo account to Gmail? I have a lot of folders, and also a business domain attached to the main account.

You have an option in the Contacts of Gmail to import contacts from somewhere else. If that doesn't work, do it manually.
Then take all the emails you are saving in those folders and forward them to gmail and create new folders there.
It may take time, but it's worth it. When you're finished emptying out your Yahoo account, close it. You'll have to do an extensive search in Yahoo on how to do that, but you'll find it eventually. They don't want people closing accounts on them, so they make it hard to do.

6

 Jul 12, 2012 at 12:40 PM MTL Says:

Reply to #4  
ProminantLawyer Says:

And I will bet my last million that you didnt know that with GMAIL you can get a verification code which is a DOUBLE protection against infiltation.

Actually, no I didn't. Thanks for the information!

7

 Jul 12, 2012 at 08:06 PM Not_just_that___ Says:

Reply to #5  
MTL Says:

You have an option in the Contacts of Gmail to import contacts from somewhere else. If that doesn't work, do it manually.
Then take all the emails you are saving in those folders and forward them to gmail and create new folders there.
It may take time, but it's worth it. When you're finished emptying out your Yahoo account, close it. You'll have to do an extensive search in Yahoo on how to do that, but you'll find it eventually. They don't want people closing accounts on them, so they make it hard to do.

You are overcomplicating it. Use IMAP, and all the folders can be transferred easily, no forwarding required, plus no losss of information (time, from, folder name) as with forwarding.

8

Sign-in to post a comment

Scroll Up
Advertisements:

Sell your scrap gold and broken jewelry and earn hard cash sell gold today!