March 23, 2023

Bits Blog: Yahoo Breach Extends Beyond Yahoo to Gmail, Hotmail, AOL Users

Yahoo confirmed Thursday that a file containing approximately 400,000 usernames and passwords to Yahoo and other companies was stolen Wednesday. A group of hackers, known as the D33D Company, posted usernames and passwords for what appeared to be 453,492 accounts belonging to Yahoo, but also Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and users.

The hackers wrote a brief footnote to the data dump, which has since been pulled offline:

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”

The hackers claimed to have stolen the passwords using a technique called SQL injection, which exploits a flaw in how a web application builds database queries from user-supplied input.
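To make the technique concrete, the following is an added illustration and not Yahoo's code (the article notes the actual subdomain and parameters were never published). It uses a constructed in-memory SQLite table with a made-up schema and shows the same lookup written twice: once by pasting the input into the query text, and once with a bound parameter, so the difference in what the database sees is visible.

```python
import sqlite3


def make_db():
    """Build a constructed sample database; the schema and rows are hypothetical."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT, password_hash TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [
            ("alice", "hash-of-alice-pw", "alice@example.com"),
            ("bob", "hash-of-bob-pw", "bob@example.com"),
        ],
    )
    return conn


def vulnerable_lookup(conn, username):
    """Builds the statement by string concatenation.

    Whatever the caller supplies becomes part of the SQL text, so quote
    characters in the input change the meaning of the WHERE clause.
    """
    query = (
        "SELECT username, email FROM users WHERE username = '" + username + "'"
    )
    return conn.execute(query).fetchall()


def safe_lookup(conn, username):
    """Uses a placeholder; the driver sends the value separately from the SQL.

    The input is compared as data against the username column and can never
    alter the statement, whatever characters it contains.
    """
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


def compare(conn, username):
    """Return (rows from vulnerable version, rows from safe version) for one input."""
    return vulnerable_lookup(conn, username), safe_lookup(conn, username)


if __name__ == "__main__":
    db = make_db()
    # A normal username behaves the same either way.
    print(compare(db, "alice"))
    # A constructed input containing a quote: the concatenated query now matches
    # every row, while the parameterised query correctly matches none.
    print(compare(db, "x' OR '1'='1"))
```

The parameterised form is the fix to apply at every place a query is assembled; reviewing code for string-built SQL (and logging queries whose text contains unexpected quote characters) is how a defender finds the remaining ones.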

The breach comes just one month after LinkedIn, the online social network for professionals, had millions of user passwords exposed after hackers breached its systems. The breaches highlight the ease with which hackers are able to infiltrate systems, even at some of the most widely used and sophisticated technology companies.

Security researchers at Rapid7, a security company, analyzed the dumped account information and found that it included account information not just for Yahoo users but for Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and users. Marcus Carey, a researcher at Rapid7, found that among the data were some 106,000 Gmail accounts, 55,000 Hotmail accounts and 25,000 AOL accounts.

Dana Lengkeek, a spokeswoman for Yahoo, said that the compromised accounts belonged to Yahoo’s Contributor Network, previously Associated Content, and that fewer than 5 percent of the passwords posted were still valid.

“We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo users and notifying companies whose user accounts may have been compromised,” Ms. Lengkeek said in the statement. “We apologize to affected users. We encourage users to change their passwords on a regular basis.”

Mr. Carey said it was unclear whether Yahoo’s breach had been contained and noted that hackers could still be inside its systems.

“Since Yahoo is still investigating this breach there’s a possibility that it hasn’t been contained yet,” Mr. Carey said in an e-mail, adding that people may need to change their passwords multiple times. “You should still go ahead and change it straight away, but you may have to change it for a second time if it turns out attackers are still entrenched in Yahoo’s systems.”

Yahoo users should also consider changing their passwords on any other sites where they used the same password, because hackers tend to test leaked passwords across multiple sites.


Bits Blog: Stratfor Hackers Claim Another Attack

Hackers who said they attacked Stratfor Global Intelligence service, a security research group based in Austin, Tex., over the weekend have claimed a second target: Special Forces, a veterans-owned Web site that sells military-inspired merchandise and gives away a portion of profits to charity.

The hackers, who claim to be members of the collective known as Anonymous, said they had breached the server Tuesday and stolen customers’ credit card details and passwords, in what they said was stage two of a “week long celebration of wreaking utter havoc on global financial systems, militaries and governments.”

In a posting online, the hackers said they were able to steal customer credit card information even though the site’s data was encrypted, and claimed to have 14,000 passwords and details for 8,000 credit cards belonging to Special Forces’ customers. They said they had breached the Special Forces site months ago.

By Wednesday, IdentityFinder, a maker of data protection software, confirmed that had been compromised and determined that hackers had taken 7,277 unique credit card numbers, 40,854 e-mail addresses and released 36,368 usernames and passwords.

In a statement, Special Forces said its servers were hacked by Anonymous last August but added that it had “no evidence of any further security breaches and we believe that the recent Stratfor incident is being used to bring this old news back into the spotlight.”
