LONDON
(AP) — Some 450,000 Yahoo users' email addresses and passwords have
been leaked because of a security breach, the company confirmed
Thursday, adding that just a small fraction of the stolen passwords were
valid.
The
company said in a statement that an "old file" from the Yahoo
Contributor Network was compromised Wednesday. Among the stolen emails
and passwords were.. many from Yahoo's own email service along with those
of other companies. The Yahoo Contributor Network is a content-sharing
platform.
Yahoo
said it is fixing the vulnerability that led to the disclosure,
changing the passwords of affected Yahoo users, and notifying other
companies whose users' accounts may have been compromised.
"We apologize to all affected users," the company statement said.
Technology
news websites including CNET, Ars Technica, and Mashable identified the
hackers behind the attack as a little-known outfit calling itself the
D33D Company. The group was quoted as saying it had stolen the
unencrypted passwords using an SQL injection — the name given to a
commonly used attack in which hackers use rogue commands to extract data
from vulnerable websites.
No comments:
Post a Comment