Yahoo Voice Gets Hacked as 400,000+ Plaintext Credentials Are Posted Online

Yahoo has reportedly been hacked after the plaintext credentials for 400,000 logins were found to have been posted online, according to security expert Trusted Sec.

The report — via Ars Technica — suggests that the user data is from the company’sYahoo Voice calling service, and the security firm has expressed its concern that it was so easily accessed:

The most alarming part to the entire story was the fact that the passwords were stored completely unencrypted and the full 400,000+ usernames and passwords are now public. The method for the compromise was apparently a SQL Injection attack to extract the sensitive information from the database.

The posting contains the plaintext credentials for 453,492 Yahoo accounts, and is intended to serve as a “wake-up call…not a threat”, according to a comment that accompanied the data dump.

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”

The Yahoo Voice calling service is powered by voice over IP (VoIP) company Jajah, following a deal that was inked in 2008. At this stage, however, it appears that the issue lies with Yahoo rather than Jajah.

Via: TheNextWeb

Prateek Panda

Prateek is the Founder of TheTechPanda. He's passionate about technology startups and entrepreneurship and enjoys speaking to new founders every day. Prateek has also been consistently regarded as one of the top marketing experts in the region.

Recent Posts

Quantum leap or quantum sleep? Why the future of superfast computing is still loading…

Is quantum computing truly just five years away from real-world applications or will we be…

3 days ago

How India’s own cloud can empower MSMEs, EdTech & Health Tech with safer data ecosystems

How India’s own cloud can empower MSMEs, EdTech & Health Tech with safer data ecosystems…

4 days ago

New tech on the block: Blockchain, cybersecurity, ecommerce, cryptocurrency, data management, no code, cloud & workplace tools

The Tech Panda takes a look at recent tech launches. Blockchain: A platform is designed…

5 days ago

Your AI is now mine: A subtle but alarming new contest between cyber attackers & defenders

AI might be assisting today’s cyber defenders to accelerate and improve threat detection, but the…

5 days ago

The AI-driven CFO: How Artificial Intelligence is redefining financial leadership in the tech era

The Chief Financial Officer (CFO) is no longer the only one responsible for budgets and…

1 week ago

From Roblox to Python: How game development educates kids on AI principles

AI is no longer in the distant future, discussed only in university classrooms or interactive…

1 week ago