November 15, 2024

Bits Blog: Yahoo Breach Extends Beyond Yahoo to Gmail, Hotmail, AOL Users

Yahoo confirmed Thursday that a file containing approximately 400,000 usernames and passwords to Yahoo and other companies was stolen Wednesday. A group of hackers, known as the D33D Company, posted usernames and passwords for what appeared to be 453,492 accounts belonging to Yahoo, but also Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com users.

The hackers wrote a brief footnote to the data dump, which has since been pulled offline:

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”

The hackers claimed to have stolen the passwords using a hacking technique called an SQL injection, which exploits a software vulnerability.

The breach comes just one month after LinkedIn, the online social network for professionals, had millions of user passwords exposed after hackers breached its systems. The breaches highlight the ease with which hackers are able to infiltrate systems, even at some of the most widely-used and sophisticated technology companies.

Security researchers at Rapid7, a security company, analyzed the dumped account information and found that it included account information not just for Yahoo users but for Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com users. Marcus Carey, a researcher at Rapid7, found that among the data were some 106,000 Gmail accounts, 55,000 Hotmail accounts and 25,000 AOL accounts.

Dana Lengkeek, a spokeswoman for Yahoo, said that the compromised accounts belonged to Yahoo’s Contributor Network, previously Associated Content, and that fewer than 5 percent of the passwords posted were still valid.

“We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo users and notifying companies whose user accounts may have been compromised,” Ms. Lengkeek said in the statement. “We apologize to affected users. We encourage users to change their passwords on a regular basis.”

Mr. Carey said it was unclear whether Yahoo’s breach had been contained and noted that hackers could still be inside its systems.

“Since Yahoo is still investigating this breach there’s a possibility that it hasn’t been contained yet,” Mr. Carey said in an e-mail, adding that people may need to change their passwords multiple times. “You should still go ahead and change it straight away, but you may have to change it for a second time if it turns out attackers are still entrenched in Yahoo’s systems.”

Yahoo users should also consider changing their passwords to other sites for which they might have used the same password, as hackers tend to test those passwords across multiple sites. For more tips on how to craft a secure password, click here.

Article source: http://bits.blogs.nytimes.com/2012/07/12/yahoo-breach-extends-beyond-yahoo-to-gmail-hotmail-aol-users/?partner=rss&emc=rss

Speak Your Mind