Hackers Grab 1 Million Logins From Android Forum [Security]

Phandroid has announced that a hacker has recently accessed its user database, making off with usernames, email addresses and hashed passwords—and the problem looks like it could affect all of its one million-plus users.

Yahoo confirms server breach, over 400k accounts compromised

Online account security breaches are seemingly commonplace these days — just ask LinkedIn or Sony — and now we can add Yahoo’s name to the list of hacking victims. The company’s confirmed that it had the usernames and passwords of over 400,000 accounts stolen from its servers earlier this week and the data was briefly posted online. The credentials have since been pulled from the web, but it turns out they weren’t just for Yahoo accounts, as Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com login info was also pilfered and placed on display. The good news? Those responsible for the breach said that the deed was done to simply show Yahoo the weaknesses in its software security. To wit:

We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.

In response, Yahoo’s saying that a fix for the vulnerability is in the works, but the investigation is ongoing and its system has yet to be fully secured. In the meantime, the company apologized for the breach and is advising users to change their passwords accordingly. You can read the official party line below.

At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company user names and passwords was stolen yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users' accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.

Yahoo confirms server breach, over 400k accounts compromised originally appeared on Engadget on Thu, 12 Jul 2012 14:41:00 EDT.

Source: TechCrunch, New York Times

Hackers Grab and Expose 453,000 Yahoo Login Details [Yahoo]

Hacking collective D33Ds Company has posted login details for more than 453,000 user accounts that it claims to have retrieved in plaintext from an unconfirmed service on Yahoo.

How to Choose a Secure Pet Name [Humor]

Most secure services ask users for some personal details to generate security questions. Some of the classics you can do little about—but humor news site NewsBiscuit amusingly points out that pet names can, and should, be changed on a regular basis in the interests of security.

Open Home WiFi Access Led to SWAT Raid on Innocent Family Home

In Evansville, Indiana, a police SWAT team executed a search warrant on a home in full tactical gear. The reason: threats made over the internet against local police, targeting the officers' lives and their families and mentioning home-made bombs. That was enough for the police to quickly find which Internet address was used to send the threats, and what physical address it was linked to.

But when they executed the search warrant, with flash bangs (sound/light grenades designed to disorient) and all, they found an innocent family that had no idea why this was happening. Shortly after, the police realized that they had been misled by the IP address from the threat message, and that they had the wrong people.

By Ubergizmo.