'DD3Ds Company' said it obtained the data by executing a SQL injection attack against an unnamed Yahoo subdomain
Yahoo Voice users: Change your Yahoo password immediately.
A hacker or hacking group that bills itself as "DD3Ds Company" Thursday leaked what it said were plaintext passwords for 453,492 Yahoo accounts, as well as over 2,700 database table or column names, and 298 MySQL variables. DD3Ds said it obtained the data by executing a SQL injection attack against an unnamed Yahoo subdomain, which security experts have identified as being Yahoo Voice.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," read a note included in the password dump. "There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage."
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024