Troubled internet pioneer Yahoo has suffered yet another embarrassing snafu. On Thursday the company acknowledged that hackers had exposed a breach on one of its websites and stolen 450,000 usernames and passwords.
Yahoo gave few details about the security breach, but security analysts said hackers penetrated a Yahoo site called Yahoo Voices, which features user articles, videos and slideshows. Yahoo bought the site from Associated Content, and many users had reportedly logged onto the site using non-Yahoo email addresses.
The hackers copied files that contained user log-ons and passwords as well as their access details to other internet services such as Hotmail.com, Gmail.com and AOL.com.
The hacker group, known as D33Ds Company posted details of the 453,000 accounts online, just a day after popular social network Formspring was forced to reset the passwords of its 28 million users after an even bigger breach. "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call and not as a threat," read a note included in the password dump, Information Week reported. In a statement published on the blog TechCrunch.com, Yahoo apologised for the theft of data and said it was working to fix the vulnerability.
Yahoo was changing the passwords of the affected users and informing other companies whose users' accounts may have been compromised, the statement said. Yahoo said that only 5 per cent of the compromised Yahoo accounts had valid passwords.
Comments
Comments are closed.