Linking up accounts and services seems like it could make life easier doesn’t it? Until you link things up on the Internet so closely that one security breach could lead to several from you email accounts to your PayPal accounts as well as the services you use on sites like Yahoo, MSN and Google. A recent theft of over 450,000 log-in credentials were discovered from a Yahoo service. Unfortunately this theft was not limited to just Yahoo services as many people link up their services with their email address, no matter what provider they may have.
The hackers, “D33Ds Company” released a statement about the incident stating that this should be a wake up call to Yahoo for “lax security.”
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”
While the theft of this data is scary, what is even more frightening is that according to TrustedSec the passwords and information were stored completely unencrypted.
Chief technology officer at Eurosecure, antivirus vendor ESET’s distributor in Scandinavia, Anders Nilsson, revealed that the most common domain names for the leaked email addresses were aol.com, gmail.com hotmail.com and yahoo.com. You can find even more statistics about this incident and the services affected on his blog. Surprisingly enough the most common password is the one that everyone is told not to use and out of approximately 342,000 entries, 1,666 of them use the password 123456.
If you want to know if you have been compromised Continue reading 450,000 email addresses and passwords stolen from Yahoo: Is yours one of them?