IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hackers claim to have stolen 400,000 Yahoo passwords

Has the search giant become the latest high-profile name to be targeted by hackers?

Yahoo logo

Search giant Yahoo may have become the latest high-profile internet site to suffer a password leak after 453,491 of its users' login details were apparently posted online.

The username and passwords are said to belong to members of the Yahoo Voices content sharing network and were posted on the website of well-known hacking group D33Ds.

We hope that the parties responsible for managing the security of this sub-domain will take this as a wake-up call.

In an accompanying post, the hacking group said the attack should prompt Yahoo into tightening its security.

"We hope that the parties responsible for managing the security of this sub-domain will take this as a wake-up call, and not as a threat," said the group.

The breach follows on from last month's spate of password hacks, which blighted networking sites like LinkedIn, eHarmony and LastFM.

In another blog post by US security firm TrustedSec, it was claimed the information may have been obtained through an SQL injection attack.

"The most alarming part to the entire story was the fact that the passwords were stored completely unencrypted and the full 400,000+ usernames and passwords are now public," said the post.

"The passwords contained a wide variety of email addresses including those from yahoo.com, gmail.com, aol.com, and much more," it added.

At the time of writing, IT Pro was awaiting a response from Yahoo.

However, according to a report on the BBC News site, Yahoo said it was investigating the breach.

Anna Brading, a contributor to Sophos' Naked Security blog, said, even though D33Ds say they have no plans to use the data, it is accessible to anyone online.

"The only silver lining on the cloud is that the website hosting the passwords is temperamental, and people are experiencing difficulties accessing the information," said Brading.

"But maybe the access problems are being caused by so many people trying to access the stolen passwords at once? "

Featured Resources

The COO's pocket guide to enterprise-wide intelligent automation

Automating more cross-enterprise and expert work for a better value stream for customers

Free Download

Introducing IBM Security QRadar XDR

A comprehensive open solution in a crowded and confusing space

Free Download

2021 Gartner critical capabilities for data integration tools

How to identify the right tool in support of your data management solutions

Free Download

Unified endpoint management solutions 2021-22

Analysing the UEM landscape

Free Download

Recommended

The IT Pro Products of the Year 2021: The year’s best hardware and software
Hardware

The IT Pro Products of the Year 2021: The year’s best hardware and software

31 Dec 2021
Sophos Intercept X Advanced review: AI-powered protection
endpoint security

Sophos Intercept X Advanced review: AI-powered protection

30 Nov 2021
The worst hacks of all time
hacking

The worst hacks of all time

30 Sep 2021
Eight steps to fight ransomware
Whitepaper

Eight steps to fight ransomware

28 Sep 2021

Most Popular

Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022