Yahoo Security Breach
Computing and PC help and advice, programming, games, digital audio, mobile phones and electronic miscellanea.
| Announcements | Posted on | |
|---|---|---|
| Enter our travel-writing competition for the chance to win a Nikon 1 J3 camera | 21-05-2013 | |
-
- Reputation:
- Thread Starter
- Exalted Member
- Posts: 349
Yahoo Security BreachAs some of you may already know there has been a serious breach of security at Yahoo in which the login credentials of more than 450,000 users were exposed by a hacker group calling themselves the 'D33ds Company' which allegedly used an SQL injection attack to gain access to the data and then posted it online. Shockingly, the login credentials were stored in plain text. A security company called Sucuri has created a script to check if your email address is affected. Note that some of the affected email addresses are from other webmail services including gmail, hotmail, and a few others.
More articles on this:
http://techcrunch.com/2012/07/12/yah...ccounts-apply/
http://www.engadget.com/2012/07/12/y...curity-breach/
http://www.pcworld.com/businesscente...s_experts.html
http://arstechnica.com/security/2012...ervice-hacked/ -
- Reputation:
- TSR Demigod
Re: Yahoo Security BreachIt is unbelievable that a company as large as Yahoo would continue (it's bad enough that they were doing it in the first place) to store their user details in plain text after all of the hackings over the past few years.(Original post by BoringComputerGuy)
As some of you may already know there has been a serious breach of security at Yahoo in which the login credentials of more than 450,000 users were exposed by a hacker group calling themselves the 'D33ds Company' which allegedly used an SQL injection attack to gain access to the data and then posted it online. Shockingly, the login credentials were stored in plain text. A security company called Sucuri has created a script to check if your email address is affected. Note that some of the affected email addresses are from other webmail services including gmail, hotmail, and a few others.
More articles on this:
http://techcrunch.com/2012/07/12/yah...ccounts-apply/
http://www.engadget.com/2012/07/12/y...curity-breach/
http://www.pcworld.com/businesscente...s_experts.html
http://arstechnica.com/security/2012...ervice-hacked/
-
- Reputation:
- Thread Starter
- Exalted Member
- Posts: 349
Re: Yahoo Security BreachI know, it's mind blowing how complacent a company such as Yahoo can be in this day and age, with the rise of 'hacktivism' and what not you would think that a basic precaution such as encrypting sensitive data would be no brainer.(Original post by whyumadtho)
It is unbelievable that a company as large as Yahoo would continue (it's bad enough that they were doing it in the first place) to store their user details in plain text after all of the hackings over the past few years.
Amusingly, some of the weak passwords used were analysed in this article, and 1666 users had '123456' as their password. 780 had 'password', and loads of others had appalingly weak passwords like '123123', 'welcome' or just their first name.
