Thursday, July 12, 2012

Yahoo! Voices Website Breached 400,000+ Compromised

Few details are known at this point; however, more than 400,000 accounts with clear-text passwords were recently posted online. The dump contained a wide variety of email addresses, including those from yahoo.com, gmail.com, aol.com, and many more. The affected website was named only as a subdomain of yahoo.com; however, digging through the dump shows that the attacker forgot to remove the hostname “dbb1.ac.bf1.yahoo.com” (credit to Mubix for the hostname find). Looking through a variety of sources, it appears that the compromised server was likely “Yahoo! Voices”, which was formerly known as Associated Content (credit to Adam Caudill for the linkage).

The most alarming part of the entire story is that the passwords were stored completely unencrypted, and the full 400,000+ usernames and passwords are now public. The compromise was apparently carried out with a SQL injection attack that extracted the sensitive information from the database.
Below is a small snippet of what the passwords looked like from the leaked document (email addresses redacted):
If you are concerned about your password, or want the full list of all of the compromised usernames and passwords, head over to the link below. Note that the file is large and will take quite a long time to load.
http://d33ds.co.nyud.net/archive/yahoo-disclosure.txt
There has been no official confirmation from Yahoo or any other sources as of yet.
UPDATE: Note, fixed the title and body to reflect “Yahoo! Voices”, not “Voice”. They are two separate applications.

1 comment:

  1. There is a lot of information on your website especially with their yahoo tech support or yahoo support info.
