Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
450,000 Yahoo passwords leaked — How to check if you are affected
(snip)
The tech site CNet, also reports that Yahoo has suffered a major password breach. According to CNet, the hacker collective called D33D Co. published login credentials obtained from Yahoo's "Contributor Network" site using a "union-based SQL injection," a method for tricking the database on a poorly secured site to divulge private information. CNet reports that the Yahoo Contributor Network, formerly a content farm called Associated Content, was purchased by Yahoo for more than $100 million. According to CNet, the published files contain "huge number" of login credentials for many other email services. (Gmail: 106,873; Hotmail: 55,148, AOL: 25,521).
CNet indicts Yahoo of a "significant security failure," explaining that passwords are usually "cryptographically masked" in a process called "hashing" to prevent the type of attack that occurred.
The hackers claim they released the information to point out Yahoo's lax security and not for any mischief.
What to do?
CNet advises that everyone with a Yahoo ID should assume that it is no more secure and that they should change their passwords.
The website advises that you should change your passwords, especially if you have used the same password for any other major service, particularly for sensitive accounts such as banking, investing, or email.
Read more: http://www.digitaljournal.com/article/328439
The tech site CNet, also reports that Yahoo has suffered a major password breach. According to CNet, the hacker collective called D33D Co. published login credentials obtained from Yahoo's "Contributor Network" site using a "union-based SQL injection," a method for tricking the database on a poorly secured site to divulge private information. CNet reports that the Yahoo Contributor Network, formerly a content farm called Associated Content, was purchased by Yahoo for more than $100 million. According to CNet, the published files contain "huge number" of login credentials for many other email services. (Gmail: 106,873; Hotmail: 55,148, AOL: 25,521).
CNet indicts Yahoo of a "significant security failure," explaining that passwords are usually "cryptographically masked" in a process called "hashing" to prevent the type of attack that occurred.
The hackers claim they released the information to point out Yahoo's lax security and not for any mischief.
What to do?
CNet advises that everyone with a Yahoo ID should assume that it is no more secure and that they should change their passwords.
The website advises that you should change your passwords, especially if you have used the same password for any other major service, particularly for sensitive accounts such as banking, investing, or email.
Read more: http://www.digitaljournal.com/article/328439
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
1 replies, 1981 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (1)
ReplyReply to this post
1 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
450,000 Yahoo passwords leaked — How to check if you are affected (Original Post)
Electric Monk
Jul 2012
OP
bananas
(27,509 posts)1. It wasn’t just Yahoo! email addresses, they were from everywhere, including .mil and .gov
http://mashable.com/2012/07/12/yahoo-voices-hacked/
<snip>
But it wasnt just Yahoo! email addresses that have been infiltrated: Gmail, MSN, Hotmail, Comcast and AOL accounts have also been hacked. (Yahoo! Voices allows you to sign in with non-Yahoo! email addresses.)
<snip>
<snip>
But it wasnt just Yahoo! email addresses that have been infiltrated: Gmail, MSN, Hotmail, Comcast and AOL accounts have also been hacked. (Yahoo! Voices allows you to sign in with non-Yahoo! email addresses.)
<snip>
http://blog.sucuri.net/2012/07/analysis-of-yahoo-voice-password-leak-453441-passwords-exposed.html
Analysis of Yahoo Voice Password Leak 453,441 Passwords Exposed
Posted on July 12, 2012 by Daniel Cid
<snip>
The accounts are from multiple email providers, including Yahoo, Gmail, Hotmail and others. This is the list of where most accounts were:
There are also passwords from multiple .GOV and .MIL addresses, which can be very dangerous if their users were reusing passwords:
<snip>
Analysis of Yahoo Voice Password Leak 453,441 Passwords Exposed
Posted on July 12, 2012 by Daniel Cid
<snip>
The accounts are from multiple email providers, including Yahoo, Gmail, Hotmail and others. This is the list of where most accounts were:
135599 yahoo.com
106185 gmail.com
54393 hotmail.com
24677 aol.com
8422 comcast.net
6282 msn.com
106185 gmail.com
54393 hotmail.com
24677 aol.com
8422 comcast.net
6282 msn.com
There are also passwords from multiple .GOV and .MIL addresses, which can be very dangerous if their users were reusing passwords:
number of accounts, domain
160 us.army.mil
64 gamil.com
28 navy.mil
18 usmc.mil
5 education.nsw.gov.au
4 jocogov.org
3 utah.gov
3 usdoj.gov
3 ssa.gov
3 schools.nyc.gov
3 ky.gov
3 irs.gov
3 gsa.gov
3 dc.gov
2 va.gov
2 usps.gov
2 tucsonaz.gov
2 salemct.gov
2 police.vic.gov.au
2 okc.gov
2 nasa.gov
2 mt.gov
2 med.va.gov
2 hud.gov
2 ed.gov
2 dmh.mo.gov
2 dhs.gov
160 us.army.mil
64 gamil.com
28 navy.mil
18 usmc.mil
5 education.nsw.gov.au
4 jocogov.org
3 utah.gov
3 usdoj.gov
3 ssa.gov
3 schools.nyc.gov
3 ky.gov
3 irs.gov
3 gsa.gov
3 dc.gov
2 va.gov
2 usps.gov
2 tucsonaz.gov
2 salemct.gov
2 police.vic.gov.au
2 okc.gov
2 nasa.gov
2 mt.gov
2 med.va.gov
2 hud.gov
2 ed.gov
2 dmh.mo.gov
2 dhs.gov
<snip>
Here's the password checker: http://labs.sucuri.net/?yahooleak