The Yahoo Contributor Network page
(Credit: Screenshot by David Hamilton/CNET)
Yahoo has just become the latest big online service to suffer a major password breach. While the number of affected users is far smaller than in the last big exposure -- that would be the password hack at LinkedIn last month, which exposed 6.5 million user passwords -- the attack is a big black eye for Yahoo and a potential hazard to the 450,000 or so people whose login information is now flapping in the breeze.
So here is CNET's quick guide to the Yahoo password fumble and what you need to do.
What, exactly, went wrong? A hacker collective calling itself D33Ds Co. publicly posted more than 450,000 login credentials -- i.e., paired usernames and passwords -- obtained from Yahoo's "Contributor Network" site. In that data dump, the hackers described their attack as a "union-based SQL injection," which is effectively a way of tricking the database on a poorly secured site into divulging private information.
No comments:
Post a Comment