Yahoo probes claim of mass security breach
Source: Agencies |
July 13, 2012, Friday
|
Print Edition
Print Edition
YAHOO Inc said it is investigating reports of a security breach that may have exposed nearly 500,000 users' e-mail addresses and passwords.
The company said it was looking into "claims of a compromise of Yahoo! user IDs" but did not disclose the size of the reported breach or how it may have happened. Yahoo's head of UK Consumer PR, Caroline MacLeod-Smith, said she couldn't provide any more details on the breach "as we are still investigating it."
Technology news websites including CNET, Ars Technica, and Mashable cited hackers calling themselves the D33D Company as claiming responsibility for the attack, adding that data posted to the group's website carried over 453,000 login credentials from an unidentified Yahoo subdomain.
The little-known group was quoted as saying that they had stolen the passwords using an SQL injection - the name given to a commonly-used attack in which hackers use rogue commands to extract data from vulnerable websites.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call," the group was quoted as saying.
A Ukraine-registered website linked with D33D Company seemed unreachable yesterday.
The company said it was looking into "claims of a compromise of Yahoo! user IDs" but did not disclose the size of the reported breach or how it may have happened. Yahoo's head of UK Consumer PR, Caroline MacLeod-Smith, said she couldn't provide any more details on the breach "as we are still investigating it."
Technology news websites including CNET, Ars Technica, and Mashable cited hackers calling themselves the D33D Company as claiming responsibility for the attack, adding that data posted to the group's website carried over 453,000 login credentials from an unidentified Yahoo subdomain.
The little-known group was quoted as saying that they had stolen the passwords using an SQL injection - the name given to a commonly-used attack in which hackers use rogue commands to extract data from vulnerable websites.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call," the group was quoted as saying.
A Ukraine-registered website linked with D33D Company seemed unreachable yesterday.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 娌狪CP璇侊細娌狪CP澶05050403鍙-1
- |
- 浜掕仈缃戞柊闂讳俊鎭湇鍔¤鍙瘉锛31120180004
- |
- 缃戠粶瑙嗗惉璁稿彲璇侊細0909346
- |
- 骞挎挱鐢佃鑺傜洰鍒朵綔璁稿彲璇侊細娌瓧绗354鍙
- |
- 澧炲肩數淇′笟鍔$粡钀ヨ鍙瘉锛氭勃B2-20120012
Copyright 漏 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
