Loading…
Sunday, July 13, 2014
Current Weather
Loading Current Weather....
Published: Thursday, 7/12/2012 - Updated: 2 years ago

Yahoo says it's investigating a report of a breach involving 450,000 passwords

ASSOCIATED PRESS

LONDON — Yahoo Inc. said Thursday it is investigating reports of a security breach that may have exposed nearly half a million users' email addresses and passwords.

The company said it was looking into "claims of a compromise of Yahoo! user IDs" but did not disclose the size of the reported breach or how it may have happened. Yahoo's Head of U.K. Consumer PR Caroline MacLeod-Smith said that she couldn't immediately provide any more detail on the breach "as we are still investigating it."

Technology news websites including CNET, Ars Technica, and Mashable cited hackers calling themselves the D33D Company as claiming responsibility for the attack, adding that data posted to the group's website carried more than 453,000 login credentials from an unidentified Yahoo subdomain.

The little-known group was quoted as saying that they had stolen the passwords using an SQL injection — the name given to a commonly-used attack in which hackers use rogue commands to extract data from vulnerable websites.

"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call," the group was quoted as saying.

A Ukraine-registered website associated with D33D Company appeared to be unreachable Thursday; an email address and a phone number attributed to the site's registrant appeared to be invalid.



Guidelines: Please keep your comments smart and civil. Don't attack other readers personally, and keep your language decent. If a comment violates these standards or our privacy statement or visitor's agreement, click the "X" in the upper right corner of the comment box to report abuse. To post comments, you must be a Facebook member. To find out more, please visit the FAQ.