London: Yahoo Inc. said today it is
investigating reports of a security breach that may have exposed nearly half a
million users’ email addresses and passwords.
The company said it was
looking into “claims of a compromise of Yahoo! user IDs” but did not disclose
the size of the reported breach or how it may have happened.
Reuters
Yahoo’s Head
of UK Consumer PR CarolineMacLeod-Smith said that she couldn’t immediately
provide any more detail on the breach “as we are still investigating it.”
Technology news websites including CNET, Ars Technica, and Mashable cited hackers calling themselves the
D33D Company as claiming responsibility for the attack, adding that data posted
to the group’s website carried more than 453,000 login credentials from an
unidentified Yahoo subdomain.
The little-known group was
quoted as saying that they had stolen the passwords using an SQL injection – the name given to a commonly-used
attack in which hackers use rogue commands to extract data from vulnerable websites.
“We hope that the parties
responsible for managing the security of this subdomain will take this as a
wake-up call,” the group was quoted as saying.
A
Ukraine-registered website associated with D33D Company appeared to be
unreachable today; an email
address and a phone number
attributed to the site’s registrant appeared to be invalid.
Loading
Posts
0 comments:
Post a Comment