ArsTechnica is reporting that Yahoo’s Voices website has been hacked and the hackers by the name of D33Ds Company have made the file of the 400,000 plus names and passwords available as a file online. Ars who analyzed the leaked file managed to get a statement from the hacker groups who had this to say:
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,” a brief note at the end of the dump stated. “There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”
Of course Yahoo representatives confirmed the breach that hit the site’s Contributor Network (previously Associated Content) on Wednesday and have issued a statement regarding the breach:
“We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised,” the statement continued. “We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.”
Some experts are now saying that the FTC may get involved in this situation and may also issue sanctions against Yahoo because their privacy policies state that Yahoo takes privacy seriously and they guarantee the security of their customers. If you are concerned about whether or not your password has been published head on over to TrustedSec’s website and follow the post to see the site the names and passwords are published, but to be safe make sure to still change your password before you even start researching.
