Α Group of hackers call itself “The D33Ds Company” published a huge list of yahoo credentials on the Internet that were allegedly stolen from a database associated with an unnamed Yahoo service.
In last month the microblogging site Twitter was on the target and around 55,000 Twitter usernames and passwords leaked by Anonymous hackers.But today its Yahoo turn and the group of hackers succeeded in it by exploiting an SQL injection vulnerability found on a Yahoo subdomain.
The leaked information includes MySQL server variables, names of database tables and columns, as well as a list of 453,492 email addresses and passwords in plain text.They posted them on their site here (There may be server problem due to high request)
An analysis of data by Eset found that the passwords contained a wide variety of email addresses including those from yahoo.com, gmail.com, aol.com etc. and were stored completely unencrypted.The most common password was “1234546” used by 1,666 users and the word “password” seen 780 times. These are all passwords that could easily be cracked by the most novice of hackers.
Here is the Yahoo statement on the hack,
“At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday,July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.”
How To Check If Your Yahoo Credentials Leaked?
If your yahoo credentials found in the list or not We recommend Yahoo users to change the password immediately.And if you have added another email to yahoo (say gmail.com) and the password for both the email service is same,then its highly recommended to change the password of that email account too.And always keep in mind “Not to use same password for different online accounts especially when your email address is used as username.