In yet another case of hacking, this time its Yahoo, some 400000+ plain-text login credentials were found posted online, as reported by security expert Trusted Sec. It was all in a huge document (18-megabyte file) containing the lifted SQL structures, software variables, usernames and cleartext passwords which were linked from a web forum. The data dump included the hostname dbb1.ac.bf1.yahoo.com.
According to a report by Ars Technica, usernames and passwords data were from the company’s Yahoo Voices content network, “The most alarming part to the entire story was the fact that the passwords were stored completely unencrypted and the full 400,000+ usernames and passwords are now public. The method for the compromise was apparently a SQL Injection attack to extract the sensitive information from the database.” Along with the credentials a comment or we can say warning was also posted saying “wake-up call…not a threat”, “We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.” A hacking group calling themselves as D33Ds Company claimed responsibility for the hacking using a SQL-injection attack.
Preliminary statistical analysis had been conducted by Security firm Eset. It was amusing that many of the exposed passwords were, “password”, “welcome”, “Jesus” and “ninja”. So next time you try to hack someone’s password, you know where to start from.
Just one month before, LinkedIn servers were also under attack from hackers, over 6 million hashed passwords were hacked from its servers.
The Hacker group despite being hackers sounded philosophical, as they included a quote from Jean Vanier in their closing remarks: “Growth begins when we begin to accept our own weakness.”
Update: Yahoo is investigating the breach. And here is the official statement we received from the company:
“At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo! and other company users names and passwords was compromised yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to all affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.”