Yahoo confirmed on Thursday that about
400,000 passwords were in fact stolen.
"We confirm that an older file from
Yahoo! Contributor Network (previously
Associated Content) containing
approximately 400,000 Yahoo! and other
company users names and passwords
was stolen yesterday, July 11," the
company said in a statement to CNBC.
Of the stolen passwords, however, less
than five percent of the Yahoo accounts
had valid passwords, the company said
in the statement.
The company is fixing the vulnerability
and changing passwords of affected Yahoo
users. It is also notifying companies
whose accounts may of been
compromised, according to the
A previously unknown h*cker group first
posted online the details of 450,000 user
accounts and passwords it said it had
taken from a Yahoo server.
The Ars Technica technology news website
reported that the group, which calls itself
D33DS Company, h*cked into an
unidentified subdomain of Yahoo's
[YHOO 15.7299 -0.0701 (-0.44%) ] website
where they retrieved unencrypted account
The affected accounts appeared to belong
to a voice-over-Internet-protocol, or VOIP,
service called Yahoo Voices, which runs on
Yahoo's instant messenger. The Voices
service is powered by Jajah, a VOIP
platform that was bought by Telefonica
Europe BV in 2010.
The h*ckers' website where the original
claim was made, d33ds.co, was not
available later on Thursday. It was
registered in February. Industry website
CNET reported the h*ckers as saying the
breach was intended as a "wake-up call
and not as a threat" and that Yahoo's
security was lax.
The Voices h*ck is one of several in recent
months. The business networking service
LinkedIn admitted last month that 6.4
million member passwords had been
stolen from its website. source :http://www.cnbc.com/id/48161562
u can use this link to check if your was h*cked http://labs.sucuri.net/?yahooleak