Skip to main content

450,000 Credentials Stolen and Posted from Yahoo

By July 13, 2012June 5th, 2021Technology News

Hackers who recently stole nearly half a million pieces of information from Yahoo said they intended for the breach to be a “wake-up call” to companies that aren’t investing enough in security.

D33D Company, one of the largest hacking websites on the Web, reports that the hackers used a union-based SQL technique to invade a high-traffic Yahoo subdomain. “We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,” the hackers wrote at the bottom of the data post. “There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”

The data was stolen from a subdomain that belongs to Yahoo Voices – the hackers didn’t remove the hostname from the posted data. Dbb1.ac.bf1.yahoo.com is a host name that appears to only be associated with the Yahoo Voices platform, also known as Associated Content.

Currently, Yahoo says they are looking into the matter carefully. According to a statement on BBC’s website, Yahoo is “currently investigating the claims of a compromise of Yahoo! User IDs,” and continued by saying that they were unsure where the breach was and what portion of usernames were affected.

Password security has become of utmost importance in the past few weeks. Less than two months ago, 8 million passwords and usernames were posted from LinkedIn, eHarmony, and Last.fm. The passwords ranged from “12345” to “startrek”. Earlier this week, Formspring disabled the passwords of every single user because some 420,000 hashed passwords had been posted to a security forum the day before.

Photo Credit: Brian Leary

Jason Manteiga

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.

Leave a Reply