Yahoo Confirms 400,000 User Accounts Stolen by Hackers

San Francisco, Jul 13 (IANS): Yahoo has confirmed that hackers had stolen around 400,000 account credentials from its computer system.

In a statement to technology blog TechCrunch Thursday, Yahoo said that "approximately 400,000 Yahoo! and other company users' names and passwords" were stolen July 11, reported Xinhua.

The company said it is fixing the vulnerability that led to the theft, changing passwords of affected users and notifying the companies whose user accounts may have been compromised. But it did not reveal the exact number of the compromised accounts or identify those other companies affected.

Late Wednesday, a hacking group known as D33Ds Company posted 453,492 account credentials in plain text on a public website, claiming that it did so as a "wake-up call" rather than a threat to Yahoo.

"There have been many security holes exploited in web servers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly," said the group at the end of the post.

D33Ds added that some sensitive information they had got was not posted to avoid further damage.

Security firm TrustedSec said the hacked service may be Yahoo Voices, a Yahoo division focusing on online publishing which was formerly called Associated Content.

"The most alarming part to the entire story was the fact that the passwords were stored completely unencrypted," said TrustedSec in its blog.


Top Stories

Leave a Comment

Title: Yahoo Confirms 400,000 User Accounts Stolen by Hackers

You have 2000 characters left.


Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will be held responsible.