Yahoo Contributor Network didn't require strong passwords or hash them, so hackers, and the rest of the world, were able to see how basic many of them were.
This doesn't rate up there with "Resumegate," but when it comes to Yahoo, the fun never ends. The company finally gave the all clear this morning in the aftermath of a massive password leak that exposed more than 450,000 Yahoo log-in credentials.
The company says it has since deployed "additional security measures" and "enhanced our underlying security controls" as it goes about notifying affected users.
From Yahoo's latest missive:
Yahoo recently confirmed that an older file containing approximately 450,000 e-mail addresses and passwords was compromised. The compromised information was provided by writers who had joined Associated Content prior to May 2010, when it was acquired by Yahoo. (Associated Content is now the Yahoo Contributor Network.) This compromised file was a standalone file that was not used to grant access to Yahoo systems and services.
We have taken swift action and have now fixed this vulnerability, deployed additional security measures for affected Yahoo users, enhanced our underlying security controls, ... [Read more]
No comments:
Post a Comment