Did you check your yahoo email this morning? Hold it right there! Don’t open the account. It could be hacked! Reports are just coming in that Yahoo has been hacked and that 450000 user passwords have been stolen. You could be one of them.
The news in detail
Hacker group D33D broke into Yahoo’s network and stole the login information of about 450,000 individuals who use Yahoo and other popular Internet email services that include Gmail, AOL, Verizon.net, and MSN.
The hacker group stole email addresses and passwords of people signed up for the Yahoo Contributor Network which is a place for budding writers, photographers, and videographers who want to publish their work on the Internet. Users here have a choice to use an outside email address to join the network and hence the stolen information had user names and passwords for accounts on multiple email services.
Yahoo spokeswoman Dana Lengkeek’s statement
“Users whose network passwords matched their email passwords were vulnerable to being hacked. We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo users, and notifying the companies whose users accounts may have been compromised,” . “We encourage users to change their passwords on a regular basis, and also familiarize themselves with our online safety tips at security.yahoo.com.”
Why did Yahoo not encrypt?
It is hard to believe that Yahoo did not even take the basic safety precaution such as encrypting passwords. The best thing for anyone to do so as not to get their accounts hacked is to keep changing their passwords more than often.
An authority on security said “The key thing is from a corporate perspective: perhaps invest more in security,”. “If Yahoo! didn’t [encrypt their passwords], they were probably cutting corners on other things.” There’s no way to know if you’re hacked, but a password change is probably a good idea. “I would recommend if people know that they use that particular network, change their password,” he said, “and if they feel uneasy about it, change their password anyway.”
Why did D33Ds do what they did?
According to D33Ds they stole the data and put a note describing the download “as a wake-up call and not as a threat.” The hacker group wants to prove how vulnerable Yahoo really is.
What is Yahoo doing to prevent this from happening again?
Yahoo is in the process of fixing this critical bug that led to the data breach. It also plans to change affected users’ passwords and notify companies with accounts that might have been compromised.