Yahoo Voice compromised, hackers post over 400,000 usernames and passwords online
|
Posted By: How May I Help You NC on July 13, 2012 Updated Hacktivist group D33Ds Company says it's a wake-up call for Yahoo By Lee Bell Thu Jul 12 2012, 11:11 OVER 400,000 usernames and passwords have been posted online following what appears to be a hack of voice over IP (VoIP) service Yahoo Voice by hacktivists 'D33Ds Company'. The credentials were made available in plain text in a data dump posted online by the hacker collective on Wednesday. In the document, the group responsible for the breach said that it was intended to be "a wake-up call" for Yahoo. "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," the hackers wrote. "There have been many security holes exploited in webservers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage." According to security firm Trustedsec, the list of usernames and passwords contained a variety of email addresses including those from yahoo.com, gmail.com and aol.com. The firm said the method for the compromise was apparently a SQL injection attack to extract the sensitive information from the database. "The affected website was only named as a subdomain of yahoo.com however digging through and searching for the hostname, the attacker forgot to remove the hostname "dbb1.ac.bf1.yahoo.com", Trustedsec said in a post today. "Looking through a variety of sources, it appears that the compromised server was likely 'Yahoo Voice' which was formally known as Associated Content." At the time of writing the Trustedsec web site was unavailable. A Yahoo spokeman told The INQUIRER, "We are currently investigating the claims of a compromise of Yahoo! user IDs." "We encourage users to change their passwords on a regular basis and also familiarise themselves with our online safety tips at security.yahoo.com." Update We contacted Yahoo who confirmed the breach but said that it was actually Yahoo Voices that had been compromised, not the VIOP service Yahoo Voice. "We confirm that an older file from Yahoo Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo and other company users names and passwords was compromised yesterday, July 11," a spokesperson said. "Of these, less than 5 per cent of the Yahoo accounts had valid passwords." We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo users and notifying the companies whose users accounts may have been compromised." Source: http://www.theinquirer.net/ If you enjoyed this article, Join HBCU CONNECT today for similar content and opportunities via email! |
 |
How May I Help You NC
Management, See Moss Interactive Bellarmine University class of 2021 Member Since January 2011 |
Comments
More From This Author
Latest News
 |
WOMEN OF GOD in UNITY Working Together ConferenceChristian's Merging Together Ministry Foundations present women of God in Unity Working Together Conference on June 20th, 2026.
www.womenofgodiuwt.com ...more
Min Sammy Jackson • 47 Views • February 28th, 2026 |
Popular News
 |
North Carolina HBCU Unity DayShaw University - Elizabeth City State University - Johnson C. Smith University - Fayetteville State University - Livingstone College - North Carolina A&T State University - North Carolina Central Uni ...more
Reginald Culpepper • 104,847 Views • August 8th, 2016 |
