[LINK] yahoo password and email breach

[Jan Whitaker]

Yahoo investigating reported mass password breach

Published: July 12, 2012 - 11:00PM

Yahoo Inc. said Thursday it is investigating reports of a security 
breach that may have exposed nearly half a million users' email 
addresses and passwords.

The company said it was looking into "claims of a compromise of 
Yahoo! user IDs" but did not disclose the size of the reported breach 
or how it may have happened. Yahoo's Head of U.K. Consumer PR 
Caroline MacLeod-Smith said that she couldn't immediately provide any 
more detail on the breach "as we are still investigating it."

Technology news websites including CNET, Ars Technica, and Mashable 
cited hackers calling themselves the D33D Company as claiming 
responsibility for the attack, adding that data posted to the group's 
website carried more than 453,000 login credentials from an 
unidentified Yahoo subdomain.

The little-known group was quoted as saying that they had stolen the 
passwords using an SQL injection _ the name given to a commonly-used 
attack in which hackers use rogue commands to extract data from 
vulnerable websites.

"We hope that the parties responsible for managing the security of 
this subdomain will take this as a wake-up call," the group was 
quoted as saying.

A Ukraine-registered website associated with D33D Company appeared to 
be unreachable Thursday; an email address and a phone number 
attributed to the site's registrant appeared to be invalid.

This story was found at: 
http://news.theage.com.au/breaking-news-technology/yahoo-investigating-reported-mass-password-breach-20120712-21z1v.html 




Melbourne, Victoria, Australia
jwhit at janwhitaker.com
blog: http://janwhitaker.com/jansblog/
business: http://www.janwhitaker.com

Our truest response to the irrationality of the world is to paint or 
sing or write, for only in such response do we find truth.
~Madeline L'Engle, writer

_ __________________ _