Yahoo probes claim of mass security breach
Source: Agencies |
July 13, 2012, Friday
|
Print Edition
Print Edition
YAHOO Inc said it is investigating reports of a security breach that may have exposed nearly 500,000 users' e-mail addresses and passwords.
The company said it was looking into "claims of a compromise of Yahoo! user IDs" but did not disclose the size of the reported breach or how it may have happened. Yahoo's head of UK Consumer PR, Caroline MacLeod-Smith, said she couldn't provide any more details on the breach "as we are still investigating it."
Technology news websites including CNET, Ars Technica, and Mashable cited hackers calling themselves the D33D Company as claiming responsibility for the attack, adding that data posted to the group's website carried over 453,000 login credentials from an unidentified Yahoo subdomain.
The little-known group was quoted as saying that they had stolen the passwords using an SQL injection - the name given to a commonly-used attack in which hackers use rogue commands to extract data from vulnerable websites.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call," the group was quoted as saying.
A Ukraine-registered website linked with D33D Company seemed unreachable yesterday.
The company said it was looking into "claims of a compromise of Yahoo! user IDs" but did not disclose the size of the reported breach or how it may have happened. Yahoo's head of UK Consumer PR, Caroline MacLeod-Smith, said she couldn't provide any more details on the breach "as we are still investigating it."
Technology news websites including CNET, Ars Technica, and Mashable cited hackers calling themselves the D33D Company as claiming responsibility for the attack, adding that data posted to the group's website carried over 453,000 login credentials from an unidentified Yahoo subdomain.
The little-known group was quoted as saying that they had stolen the passwords using an SQL injection - the name given to a commonly-used attack in which hackers use rogue commands to extract data from vulnerable websites.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call," the group was quoted as saying.
A Ukraine-registered website linked with D33D Company seemed unreachable yesterday.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
