HOME

TheInfoList



Click Here for Items Related To - 2012 Yahoo! Voices Hack
OR:
2012 Yahoo! Voices Hack on:   [Wikipedia]   [Google]   [Amazon]

Yahoo! Voices Yahoo! Voices, formerly Associated Content (AC), was a division of Yahoo! that focused on online publishing. Yahoo! Voices distributed a large variety of writing through its website and content partners, including Yahoo! News. In early December 20 ...
, formerly Associated Content, was hacked in July 2012. The hack is supposed to have leaked approximately half a million email addresses and passwords associated with Yahoo! Contributor Network. The suspected hacker group, D33ds, used a method of SQL Injection to penetrate Yahoo! Voice servers. Security experts said that the passwords were not encrypted and the website did not use a HTTPS Protocol, which was one of the major reasons of the
data breach A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, info ...
. The email addresses and passwords are still available to download in a plaintext file on the hacker's website. The hacker group described the hack as a "wake-up call" for Yahoo! security experts. Joseph Bonneau, a security researcher and a former product analysis manager at Yahoo, said "Yahoo can fairly be criticized in this case for not integrating the Associated Content accounts more quickly into the general Yahoo login system, for which I can tell you that password protection is much stronger."


Reaction by communities and users

D33DS, the suspected hacker group, said that the hack was a "wake-up call". They said that it was not a threat to Yahoo!, Inc. The IT Security firm TrustedSec.net said that the passwords contained a number of email addresses from Gmail,
AOL AOL (stylized as Aol., formerly a company known as AOL Inc. and originally known as America Online) is an American web portal and online service provider based in New York City. It is a brand marketed by the current incarnation of Yahoo (2017� ...
, Yahoo, and more such websites.


Response from Yahoo

Immediately after the hack, Yahoo!, in a written statement, apologized for the breach. Yahoo! did not disclose how many passwords were valid after the hack, because they said that every minute, 1–3 passwords are changed on their site. Yahoo! said that only 5% of its passwords were stolen during the hack. The hackers' website, d33ds.co, was not available later on Thursday, after the hack. Yahoo! said in a written statement that it takes security very seriously and is working together to fix the vulnerability in its site. Yahoo! said that it was in the process of changing the passwords of the hacked accounts and notifying other companies of the hack.


Controversy

A simple matter had sparked a controversy over Yahoo!. The controversy was sparked because of Yahoo!'s silence about the data breach. After the servers were hacked, Yahoo! did not mail the affected victims, although it was promised earlier. There was no site-wide notifications about the hack, nor did any victim get any type of personal messages detailing how to reset their account passwords from Yahoo.


References


External links

* http://ycorpblog.com/2012/07/13/yahoo-0713201/ {{Webarchive, url=https://web.archive.org/web/20120804071943/http://ycorpblog.com/2012/07/13/yahoo-0713201/ , date=2012-08-04 2012 crimes Hacking in the 2010s Hacking of Yahoo! Data breaches