400000 Yahoo accounts hacked – Usernames made availble to public

Much to the embarrassment of many Yahoo users a news was reported that more than 400000 Yahoo user accounts had been hacked & their user credentials are published on the web.This all happened after hackers found a vulnerable way to enter into yahoo’s system & got hold on unencrypted data.

The exact Number of Yahoo Accounts Leaked & Published are 453,492.

The breach came after just one month after millions of user accounts of Professional social networking website Linkedin are hacked & exposed.This highlights how our data is less secure even with most recognized companies which use sophisticated techniques to protect user credentials.

400k Yahoo accounts hacked - Usernames in public

The above episode is all run by the people behind D33ds company.The hackers quoted that they were able to obtain all the credentials through an SQL injection, which was method used to attack Sony back in 2011.

Website of D33ds company where the Leaked Yahoo Accounts were published was alive till Thursday morning but was unavailable after that point of time, not sure what caused the outage.I also can’t find an cached page of the website on Google.But If you want to see if your Yahoo email Account is there in the list or not you can get the file from various torrent services & Mediafire.

Reacting to this Yahoo spokeswoman Dana Lengkeek  had confirmed the Security breach & said  this all caused because of  an stolen “older file” had Yahoo Contributor Network, an Internet publishing service that Yahoo purchased about two years ago.Below is the exact transcript of the spokeswoman:

“At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo! and other company users names and passwords was compromised yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to all affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com. We also recommend these Yahoo! Account Security options to further protect your account security.yahoo.com.”

May be because of this news Yahoo Inc. also postponed announcing a permanent chief executive officer at its annual shareholder meeting happening today.

The top six passwords in the stolen batch were “123456,” “helloworld,” “password,” “welcome,” “ninja” and “abc123,” said David Harley, senior research fellow at security firm ESET.

I would suggest you to make changing your online passwords regularly to protect yourself from getting hacked & enable 2 step authentication if available with your provider.