Skip to main content

Yahoo Gets Hacked, Quickly Follows Up with a Patch

Yahoo recently announced that it has fixed the vulnerability in its system that led to the unauthorized release of more than 450,000 email passwords from users of Yahoo Voices. According to a blog post by Yahoo, "We have taken swift action and have now fixed this vulnerability, deployed additional security measures for affected Yahoo! users, enhanced our underlying security controls and are in the process of notifying affected users. In addition, we will continue to take significant measures to protect our users and their data."

The released data only affected those users who joined Associated Content before May 2010, the same time Yahoo acquired the company. According to Yahoo, "This compromised file was a standalone file that was not used to grant access to Yahoo systems and services." The next time the affected users sign into their Yahoo account, they will be asked to answer a series of authentication questions to change and validate account details, according to Yahoo.

The company added, "At Yahoo we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We sincerely apologize to all affected users." Those affected users encompass 453,491 people whose emails and passwords were posted online by hacker group D33DS Company according to security firm Sophos. In a recent response to Sophos, D33DS Company stated, "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat."

Sophos recently released a new blog post that highlighted some of the insecure passwords many of the Yahoo hack victims were using. This included 1,666 people who used "123456" as their password and an additional 780 users who used "password" as their password. Among the other top choices were passwords like "welcome", "ninja", "sunshine", "princess" and "qwerty". I suddenly don't feel as bad for these people as I used to.

Yahoo isn't the only one who got hacked this week. Nvidia recently announced that it shut down its Developer Zone after it got hacked. That hack may have allowed the hacker to gain access to password information as well. In addition to Nvidia and Yahoo, Phandroid also got hacked, this one occurring on its Android forums.

Source: PC Mag - Yahoo Patches Email Vulnerability
Labels:

Comments

Post a Comment

Popular posts from this blog

Congrats on Sherman Block Supervisory Leadership Institute (SBSLI) Graduation

(Sergeant Kollin Cieadlo and Chief Bob Guthrie) Sergeant Kollin Cieadlo graduated from the  Sherman Block Supervisory Leadership Institute (SBSLI)  yesterday after completing the 9-month course. Kollin joins many other Arcadia Police Department supervisors and managers who have attended this valuable program. The courses are offered through the  California Commission on Peace Officer Standards and Training  several times each year and alternate between northern and southern California. Kollin attended 3-4 day sessions each month. Students receive reading and research assignments for each session and demand a good deal of time and effort. Congratulations to Sergeant Kollin Cieadlo on his achievement. From the POST site:  The Sherman Block Supervisory Leadership Institute (SBSLI) is a program designed to stimulate personal growth, leadership, and ethical decision-making in California law enforcement front-line supervisors. Designed and imp...
Post a Comment
Read more

Christmas Care Pack for K9 Officer Zoli

Christmas came a bit early for K9 Officer Zoli and his handler, Officer Foulks! They received a care pack from Isabella at  K9 Warriors  containing an indestructible ball, doggie blanket, shampoo, insect repellent, doggie treats, and a night watch kit for Officer Foulks with coffee and candy...awesome! Isabella is a 14-year-old young lady from South Carolina who sends care packs to police and military K9 units. What a treat! Thanks Isabella!
Post a Comment
Read more

A Free Issue of Examine.com Research Digest

Examine.com is a website that provides unbiased information on supplements and nutrition.  They publish the Examine.com Research Digest (ERD), which reviews the latest studies in these areas.  I like ERD because it does a nice job of curating recent science, making it understandable and engaging for a broad audience, and explaining important background information.  They have no conflicts of interest because they don't sell anything except information.  I've been a scientific reviewer for ERD since the beginning. Examine.com is celebrating its fifth anniversary today.  To celebrate, they offered to put together a custom issue of ERD using five of my favorite articles.  I chose articles I thought my audience would enjoy.   You can download your free copy here  (PDF). If you like it and decide you want to sign up for ERD, there is a link in the PDF, or you can visit this page .  They're having a sale today, so if you're thinking about joining, ...
Post a Comment
Read more