Quantcast
Latest Stories
Home > Technology > Latest Technology Stories > Internet > Yahoo confirms theft of 450,000 users’ passwords

Yahoo confirms theft of 450,000 users’ passwords


11:03 pm | Friday, July 13th, 2012

A Yahoo sign stands outside the company's offices in Santa Clara, California. AP FILE PHOTO

LONDON—Some 450,000 Yahoo users’ email addresses and passwords have been leaked because of a security breach, the company confirmed Thursday, adding that just a small fraction of the stolen passwords were valid.

The company said in a statement that an “old file” from the Yahoo Contributor Network was compromised Wednesday. Among the stolen emails and passwords were many from Yahoo’s own email service along with those of other companies. The Yahoo Contributor Network is a content-sharing platform.

Yahoo said it is fixing the vulnerability that led to the disclosure, changing the passwords of affected Yahoo users, and notifying other companies whose users’ accounts may have been compromised.

“We apologize to all affected users,” the company statement said.

Technology news websites including CNET, Ars Technica, and Mashable identified the hackers behind the attack as a little-known outfit calling itself the D33D Company. The group was quoted as saying it had stolen the unencrypted passwords using an SQL injection — the name given to a commonly used attack in which hackers use rogue commands to extract data from vulnerable websites.

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call,” the group was quoted as saying.

Online security experts said Yahoo might have done more to protect the stored passwords, with Ohio-based TrustedSec describing the Internet giant’s decision not to encrypt them as “most alarming.”

Nevertheless, the haul does not appear as useful to hackers as they might have thought. Yahoo cautioned that only 5 percent of passwords associated with its account holders were valid.

It was not immediately possible to contact the Ukraine-registered website associated with D33D Company. Its contact form was inoperable Thursday, while an email address and a phone number attributed to the site’s registrant appeared to be invalid.

Follow us on Facebook Follow on Twitter Follow on Twitter




Recent Stories:

US stocks dip despite M&A activity 2 hours elapsed Tornado hits Oklahoma City suburb 2 hours elapsed Gay man’s killing in NYC leads to police increase 3 hours elapsed Asia-Pacific leaders warn of water conflict threat 3 hours elapsed Yahoo! confirms Tumblr deal for $1.1B 3 hours elapsed Mobiles offer financial lifeline to Asian migrants—study 4 hours elapsed Protest rally planned after gay man murdered in Manhattan 5 hours elapsed Fil-Ams voted for 10 of 12 Aquino-backed candidates 6 hours elapsed
Complete stories on our Digital Edition newsstand for tablets, netbooks and mobile phones; 14-issue free trial. About to step out? Get breaking alerts on your mobile.phone. Text ON INQ BREAKING to 4467, for Globe, Smart and Sun subscribers in the Philippines.

Tags: Password , security , Yahoo

  • http://elmerlovesoreo.blogspot.com/ Elmer Loves Oreo

    I hope I’m not included in the list :(



Copyright © 2013,
.
To subscribe to the Philippine Daily Inquirer newspaper in the Philippines, call +63 2 896-6000 for Metro Manila and Metro Cebu or email your subscription request here.
Factual errors? Contact the Philippine Daily Inquirer's day desk. Believe this article violates journalistic ethics? Contact the Inquirer's Reader's Advocate. Or write The Readers' Advocate:
c/o Philippine Daily Inquirer Chino Roces Avenue corner Yague and Mascardo Streets, Makati City, Metro Manila, Philippines Or fax nos. +63 2 8974793 to 94
Advertisement
  1. Metro’s traffic situation may now be monitored via smart phones, tablets
  2. Hontiveros shows there’s life outside Senate
  3. Mobiles offer financial lifeline to Asian migrants—study
  4. Yahoo! confirms Tumblr deal for $1.1B
  5. Hong Kong launches first electric taxis
  6. Google snaps Australian couple ‘having sex on road’
  7. Yahoo! to buy blog-maker Tumblr for $1.1B—report
  8. Enrile story goes viral: ‘The audacity,’ that’s our money!
  9. Free Inquirer tablets for lucky INQSnap readers
  10. ‘Hatchet hitchhiker’ arrested in US murder
  1. Hontiveros shows there’s life outside Senate
  2. Gordon’s nickname ‘Dick’ sparks jokes on Twitter
  3. BlackBerry CEO unveils new smartphone
  4. Samsung announces 5G data breakthrough
  5. Smartmatic lets PPCRV examine audit logs
  6. Telcos to Comelec: What weak signal?
  7. Enrile story goes viral: ‘The audacity,’ that’s our money!
  8. Update to address Windows 8 confusion will be free
  9. Facebook and Twitter jump on Google glasses
  10. Big 4 cell-phone carriers unite on anti-texting ads
  1. Hontiveros shows there’s life outside Senate
  2. Gordon’s nickname ‘Dick’ sparks jokes on Twitter
  3. How to organize your busy life with Samsung Galaxy Note 8.0
  4. Multiply.com closes shop
  5. Nokia launches $99 smartphone targeting emerging-market users
  6. Smartphones overtake ‘dumb’ phones worldwide
  7. Samsung announces 5G data breakthrough
  8. How international cyber thieves did it

News

  • Tornado hits Oklahoma City suburb
  • Fugitive Joavan caught in Moalboal resort before he flees to Negros Oriental
  • Davide braces for Capitol payables; meets officials
  • Rama on vacation as ally hits BO-PK on poll protest bid
  • Vietnam rice stocks arrive in Cebu

    • Sports

  • Aces not one and done, says Uytengsu
  • What a class act by Alaska
  • Caluag rules Asian BMX Elite category
  • Emperado claims 2nd GM victim, shares lead
  • Fruitas, Boracay seek semis berths Tuesday

    • Lifestyle

  • Olongapo nurse crowned Miss PH-Earth on second try
  • These dogs can fly– and that includes asPins, too
  • Hair: It doesn’t only reflect your beauty, it also says something about your health
  • Learn ‘the ropes’ to get in shape
  • Can the ability to bilocate be inherited?

    • Entertainment

  • Single Review: ‘Up In The Air’ by 30 Seconds To Mars
  • Arnel Pineda: Journey to go on a hiatus after 2016
  • Heard: Sir Chief on being ‘Papa-ble!’
  • Double victory for Yllanas
  • K-pop’s G Dragon eager for challenge of solo tour

    • Business

  • US stocks dip despite M&A activity
  • MyxTV launches app on Roku
  • Asian shares higher on US gains
  • PH approves three new wind farms
  • BIR exceeds April collection target

    • Technology

  • Yahoo! confirms Tumblr deal for $1.1B
  • Mobiles offer financial lifeline to Asian migrants—study
  • Metro’s traffic situation may now be monitored via smart phones, tablets
  • Yahoo! to buy blog-maker Tumblr for $1.1B—report
  • Free Inquirer tablets for lucky INQSnap readers

    • Opinion

  • Editorial cartoon, May 21, 2013
  • Reliance on remittances
  • Shattered bamboo reeds
  • Ideal worlds
  • The sheer inadequacy of single-factor analyses

    • Global Nation

  • Fil-Ams voted for 10 of 12 Aquino-backed candidates
  • Different versions of letter of apology show insincerity—Taiwan representative
  • Manila, Taipei agree on ‘cooperative’ probe
  • Saudi signs accord to protect PH maids
  • Binay urges Taiwan to protect Filipino workers
    • Marketplace
    Advertisement
    © Copyright 1997-2013 INQUIRER.net | All Rights Reserved