BOSTON, July 12 (Reuters) - Yahoo Inc reported the theft of 400,000 user names and passwords to access its own site as well as those of other companies, saying that hackers had taken advantage of a security vulnerability in its computer systems.
Company spokeswoman Dana Lengkeek did not identify the other companies whose credentials were stolen or say how many of the stolen logins were for Yahoo's sites.
She said the data was included in "an older file."
"We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised," she said.
A hacker group had previously posted hundreds of thousands of user accounts and passwords on a public website.
The theft comes in the wake of a breach reported last month by the business networking service LinkedIn, which resulted in the release of some 6.4 million member passwords. If you feel like your account has been compromised, the best thing to do is change your password.
@tmilewski
Tom Milewski
Yahoo stored passwords in plaintext which were retrieved by a simple SQL injection attack?! This is a joke, right?
http://t.co/CkAfdWTb
Yahoo! Hacked
Reply With Quote