Yahoo fell victim to a security breach that yielded hundreds of thousands of login credentials stored in plain text, but it appears users also did little to protect themselves.
The hacked data, posted to the hacker site D33D Company, contained more than 453,000 login credentials and appears to have originated from the Web pioneer's network. The hackers, who said they used a union-based SQL injection technique to penetrate the Yahoo subdomain, intended the data dump to be a "wake-up call." [Update, 11:13 a.m. PT: On Friday morning, Yahoo gave the all-clear, saying "We ... have now fixed this vulnerability, deployed additional security measures," and so on.]
If there's one thing to learn from the security breach, it's that we need to be more creative with our passwords. The hackers said they hoped this would be taken as warning to the parties responsible for the security of the hacked site, but individuals should also see this as a warning to strengthen their own personal passwords. What was the most popular password on the Yahoo list? The classic 123456, of which there were 2,295 instances.
No comments:
Post a Comment