More than 400,000 Yahoo passwords posted online as Yahoo Voices blog site hacked
A hacker group going by the name of D33ds Company, has posted more than 400,000 unencrypted Yahoo Voices passwords. The hackers were able to obtain the information through an SQL injection, the same method that gave Sony trouble in 2011.
Though it remains unclear which Yahoo service the passwords came from, or if they came from Yahoo at all, but it is widely suggested the hacked service was Yahoo Voices, a user-generated blog platform.
Yahoo issued a statement earlier advising: “We are currently investigating the claims of a compromise of Yahoo user IDs.”
The original D33ds site which posted the logins was taken offline this morning, but, the text file of the IDs is still available through torrents and sites such as Media Fire.
According to US security firm Trustedsec, the compromised Yahoo passwords were associated with a variety of email addresses including yahoo.com, gmail.com and aol.com. Hours after the attack came to light Yahoo had placed a warning on its site, and a statement issued by Yahoo encouraged users to “change their passwords on a regular basis.”