Nearly Half A Million Yahoo Email Addresses and Passwords Hacked
Yahoo! now faces security concern just like what happened to LinkedIn as hacker group D33D Company is making headlines on Thursday morning after announcing that it attacked over 453,000 log-in credentials, including Yahoo email addresses and passwords. D33D Company, which was previously an unknown group, is reportedly associated with a Ukraine-registered website. The group has posted online the details of hundreds of thousands of unencrypted user accounts, claiming that they came from an unidentified subdomain of Yahoo’s website.
While no specific Yahoo server has been confirmed as a part of the alleged attack, some say the affected accounts belong to a voice-over-internet-protocol (VOIP) service called Yahoo Voices, which operates with Yahoo’s instant messenger service
The hackers used an attack which is known as a union-based SQL injection which preys on poorly secured web applications which do not scan data entered into input fields, such as a search box, properly. The main issue arising from this data dump in terms of security is that it reveals Yahoo stores at least some of its users’ sensitive information in plaintext, unlike Android Forums and FormSpring, which both encrypted their passwords. This could potentially pose a much bigger problem for Yahoo because it means the hackers who stole the passwords could begin using them on other sites immediately without having to crack them.
How to Change Your Yahoo! Mail Password
To change the password on your Yahoo! account, simply following these steps:
1. Go to Yahoo!’s password change tool.
Enter the Yahoo! ID and password credentials for the account you’re changing.
Note: For enhanced security, you are asked to sign into your account again, even if you are already signed in.
2. Type your current password into the “Current Password” field, then enter a new password into both the “New Password” and “Retype New Password” fields.
Note: You may experience fewer account security issues if you choose a strong password.
3. Click Save to submit and confirm your password changes.