gregorylnewton

A Site For All Your Needs

Hackers expose login details of 450,000 Yahoo! users

Reuters/Albert Gea

By Albert Gea

The security details of almost half a million internet users have been compromised, after hackers posted what appear to be login credentials to online accounts. Yahoo has confirmed the security breach.

The material was posted by a hacking collective known as D33Ds Company, according to Ars Technica. The group said in a statement at the bottom of the data that they used a technique known as a union-based SQL injection, which preys on poorly-secured web applications.

The hackers claim the information was gathered from a service on the Yahoo network.

The subdomain may to belong to Yahoo Voices, a contribution service which allows user-generated content to be published online, according to security firm Trusted Sec.

The method attacks sites that do not properly examine text which is entered into search boxes and other input fields. Hackers then inject database commands which trick servers into sharing large amounts of sensitive information.

Experts say the passwords were not encrypted – making them vulnerable for any hacker to immediately gain access to online accounts.

Members of D33Ds say they intend the hack to be used as a “wake-up call.”

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,” the hackers said in their statement. “There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly.”

The latest entries in the information appear to be from accounts created in 2006, which may imply the data is old, or no longer in use.

Android Forums and Formspring were attacked at the same time. They encrypted the passwords that they stored, although there is still a possibility that they could be cracked.

Users are being encouraged to change their passwords immediately, and to check whether they used the same login details for other online services.

It is not yet known whether the three attacks are linked.

Hackers expose login details of 450,000 Yahoo! users

Tools For The Internet – This Blog Will Help You Explore Tools For The Internet

Advertisements

Single Post Navigation

One thought on “Hackers expose login details of 450,000 Yahoo! users

  1. nonviolentconflict on said:

    Reblogged this on NonviolentConflict.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: