In the latest massive breach of a major company’s database security, the Yahoo email servers have been compromised, and over 400,000 users’ account information has been stolen. Fortunately for everyone involved, the hackers behind the operation don’t appear to have any malicious intent, but rather did it as a way of pointing out Yahoo’s security vulnerabilities. The group behind the attacks, who call themselves D33D Company, briefly posted the stolen information online, with a footnote explaining their motives.
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”
Also included in the stolen data was information on thousands of accounts from other email providers, likely accounts that had been linked to existing Yahoo accounts. According to the NY Times, 106,000 Gmail accounts, 55,000 Hotmail accounts and 25,000 AOL accounts were included in the leaked data.
Yahoo has released a statement informing users that they should change their passwords. A spokesperson for the company also warned, “Since Yahoo is still investigating this breach there’s a possibility that it hasn’t been contained yet. You should still go ahead and change [your password] straight away, but you may have to change it for a second time if it turns out attackers are still entrenched in Yahoo’s systems.”
If you’ve still got a Yahoo account that you care about for some reason, it would be wise to change your password as soon as possible. Alternatively, you could take this opportunity to close your Yahoo account and never look back. Gmail’s superior email service awaits.