Yahoo Hack Exposes Over 400,000 Users' Information

Yahoo has announced that it is investigating a privacy breach of its system which could have uncovered 400,000 user IDs.

According to US security firm Trustedsec, the breach possibly stemmed from servers connected to Yahoo Voices, a user-created part of the site. Hacking group "D33DS Company" is suspected to have caused the attack. A Yahoo spokesman confirmed that the issue had started with Yahoo Voice, however a document released by Yahoo does not specify the origins of the attack.

Yahoo said in a statement, "We are currently investigating the claims of a compromise of Yahoo! user IDs." The statement continued saying that they recommend that users, "change their passwords on a regular basis."

Trustedsec also added that the exposed passwords were linked to several email addresses from yahoo.com, gmail.com and aol.com.

The hackers were reported to have used a method known as SQL injection to steal the private information from the system.

Yahoo had not put up a warning of the attacks until several hours after knowing about it, keeping customers in the dark about the issue.

"The most alarming part of the entire story was the fact that the passwords were stored entirely unencrypted," Trustedsec said in its blog.

It is suspected that the information in which hackers gained access to includes users' names, full addresses, phone numbers and dates of birth.

Real Time Analytics