BOSTON, July 12 (Reuters) - Yahoo Inc reported the theft of 400,000 user names and passwords to access its own site as well as those of other companies, saying that hackers had taken advantage of a security vulnerability in its computer systems.
Company spokeswoman Dana Lengkeek did not identify the other companies whose credentials were stolen or say how many of the stolen logins were for Yahoo's sites.
She said the data was included in "an older file."
"We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised," she said.
A hacker group had previously posted hundreds of thousands of user accounts and passwords on a public website.
The theft comes in the wake of a breach reported last month by the business networking service LinkedIn, which resulted in the release of some 6.4 million member passwords.
Company spokeswoman Dana Lengkeek did not identify the other companies whose credentials were stolen or say how many of the stolen logins were for Yahoo's sites.
She said the data was included in "an older file."
"We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised," she said.
A hacker group had previously posted hundreds of thousands of user accounts and passwords on a public website.
The theft comes in the wake of a breach reported last month by the business networking service LinkedIn, which resulted in the release of some 6.4 million member passwords.
I hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat, a brief note at the end of the dump stated. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage. The company stated that only about 5 percent of the passwords that were hacked are still current. The security company Sucuri Malware Labs has set up a tool to help they check if ours was one of the passwords potentially compromised. Market Research
ReplyDelete