1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Yahoo hacked, 450,000 passwords posted online

Discussion in 'BlackHat Lounge' started by BRAIN_PAIN, Jul 14, 2012.

  1. BRAIN_PAIN

    BRAIN_PAIN Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    164
    Likes Received:
    46
    Occupation:
    SEO consultant, Project Manager, Designer
    Location:
    Out of Space!
    Home Page:
    Big shit going on because of Yahoo - http://edition.cnn.com/2012/07/12/tech/web/yahoo-users-hacked/

    I have an Yahoo account and google,amazon,facebook and twitter reported strange activity with my accounts there, so I have changed all my passwords again.

    If you have an yahoo account, I suggest that you change your passwords on all your accounts that use your yahoo password.
     
    • Thanks Thanks x 3
  2. LikeaSir

    LikeaSir Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 24, 2012
    Messages:
    128
    Likes Received:
    63
    Lol'd @ first comment on the site - "Oh goodie, Now they can have all my Viagra, wanna get rich, make it larger, get thinner, long lost relatives that wanna give me ungodly amounts of money emails. I hope they just respond to all of em for me."
     
    • Thanks Thanks x 5
  3. unknownymous

    unknownymous Regular Member

    Joined:
    Jan 22, 2012
    Messages:
    272
    Likes Received:
    144
    Location:
    unknown
    Mine was one of those too. Dammit!
     
  4. -ReX-

    -ReX- Power Member

    Joined:
    Apr 26, 2012
    Messages:
    707
    Likes Received:
    274
    Location:
    Manly, Australia
    Lol I got a copy of them :D
     
  5. lexmedia

    lexmedia Registered Member

    Joined:
    Sep 22, 2008
    Messages:
    79
    Likes Received:
    19
    Same here, I`ve just been informed through e-mail. Yahoo and Amazon both compromised
     
  6. lanbo

    lanbo Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 23, 2009
    Messages:
    3,437
    Likes Received:
    595
    Home Page:
    I think my twitter got hacked too yesterday
     
  7. steelballs

    steelballs BANNED BANNED

    Joined:
    Dec 5, 2008
    Messages:
    1,832
    Likes Received:
    4,562
    Yes they did as they sent me an email confirming the incident
     
  8. steelbone

    steelbone Junior Member

    Joined:
    May 7, 2012
    Messages:
    125
    Likes Received:
    29
    Location:
    Outside of boston
    Home Page:
    Lately my yahoo email keeps making me put my PW in all the time...driving me nuts
     
  9. google2

    google2 Junior Member

    Joined:
    Jun 24, 2012
    Messages:
    187
    Likes Received:
    28
    Location:
    Im my house
    Home Page:
    is that means yahoo mail is not safe ??
     
  10. unknownymous

    unknownymous Regular Member

    Joined:
    Jan 22, 2012
    Messages:
    272
    Likes Received:
    144
    Location:
    unknown
    • Thanks Thanks x 4
    Last edited: Jul 14, 2012
  11. BRAIN_PAIN

    BRAIN_PAIN Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    164
    Likes Received:
    46
    Occupation:
    SEO consultant, Project Manager, Designer
    Location:
    Out of Space!
    Home Page:
    As I thought, my email is there :(

    At least I know for sure the source for this now :)
     
  12. xxtoni

    xxtoni Junior Member

    Joined:
    Jul 5, 2010
    Messages:
    172
    Likes Received:
    213
    I am surprised to be honest that someone who frequents BHW would use the same password twice. I just use the same password when I'm signing up for something on my iPhone and then if I like the app, site or whatever I put it on my to-do list to assign a new password as soon as I get home.

    For password management there are two great tools out there that you should use, I have been using them for years and they're fantastic.

    For web sites I use a combo of Lastpass and Keepass. Basically for all the sites that I am probably only gonna visit once I just let lastpass fill out the password and save it. If I ever visit that site again lastpass has already filled it out and I just click login.

    For other important sites and non-sites (email, wifi password and the works) I use KeePass which is synced across all my devices with Dropbox. I use MiniKeePass on my iPhone to copy passwords when I need them.

    For an extra layer of security on my accounts I use Google 2 Factor Authentication. Basically what that means is that you can install a token app (like a bank token) on your mobile phone and you need to enter the code that is generated in that app alongside your password each time you login. So for someone to gain access to your accounts they have both have your mobile phone and your password.

    Considering that there has been a security breach on BHW only a few days back I'll be writing a comprehensive post here on how to manage passwords without any effort and to be as secure as possible. I'll leave the link here once I'm done.
     
    • Thanks Thanks x 5
  13. killerz

    killerz Registered Member

    Joined:
    Jan 14, 2008
    Messages:
    75
    Likes Received:
    17
    Occupation:
    IM Student
    Location:
    BHW
    One of my email showed up in the list. I tried logging in and was asked to answer a verification question and then asked to change my password.
     
  14. xxtoni

    xxtoni Junior Member

    Joined:
    Jul 5, 2010
    Messages:
    172
    Likes Received:
    213
  15. Checkmate

    Checkmate Elite Member

    Joined:
    Aug 9, 2010
    Messages:
    1,536
    Likes Received:
    639
    Mine was on the list also.

    Good thing it wasn't the password I use for my email.
     
  16. highlypotent

    highlypotent Newbie

    Joined:
    Jul 14, 2012
    Messages:
    15
    Likes Received:
    5
    Good thing I always thought yahoo was lame.
     
  17. csguy

    csguy BANNED BANNED

    Joined:
    Jul 13, 2012
    Messages:
    396
    Likes Received:
    42
    Yahoo takes security very seriously.
    Also, I tried lastpass last night. horrible. Don't ever use that. Plus, they log every site you ever go to.
     
  18. xxtoni

    xxtoni Junior Member

    Joined:
    Jul 5, 2010
    Messages:
    172
    Likes Received:
    213
    I have used LastPass for two years, without every having any problems whatsoever including the security of the passwords. The service has been well reviewed and higly praised by cNet, Forbes, Mashable and Lifehacker and I'm sure they know a bit more about these things than someone who has used the service for less than a day and is already saying that it's horrible.
     
  19. tsanko

    tsanko Senior Member

    Joined:
    Aug 9, 2008
    Messages:
    833
    Likes Received:
    1,038
    Home Page:
    Just receive this mail.


    You may have read in press reports that Yahoo! recently confirmed an older file containing approximately 450,000 email addresses and passwords?provided by writers who had joined Associated Content prior to May 2010?was publicly posted on the Internet. This file was a standalone file that was not used to grant access to Yahoo! systems and services. This message is being sent to an email address in this compromised file.

    We are taking important steps to address this issue and have now fixed the vulnerability that led to the disclosure of the data and enhanced our underlying security controls. As a non-Yahoo! account holder, we apologize that we cannot provide you a direct means to secure your account. We strongly recommend that you employ the security mechanisms recommended by your email service provider to secure your account.

    Additionally, given the high frequency of consumers using the same login information on services across the Internet, we strongly advise users to:

    ? Change their passwords for any account they hold every few months,
    ? Use a different password for each service or website, and
    ? Create passwords using a mixture of characters, symbols, and numbers.

    We also suggest that you proactively monitor the activity on any account you have created online. Specifically, be on the lookout for spam originating from your email, and check your sign-in activity from time to time. If you see anything suspicious?like your account was accessed in Romania when you were home in Chicago?you should change your password immediately.

    We take security very seriously at Yahoo! and invest heavily in protective measures to ensure the security of our users and their data across all our products. In addition, we will continue to take significant measures to protect our users and their data.

    We sincerely apologize for this matter.
    Yahoo! Inc.
     
    Last edited: Jul 14, 2012
  20. kaif0346

    kaif0346 Power Member

    Joined:
    Jul 13, 2011
    Messages:
    734
    Likes Received:
    93
    Occupation:
    free lancer, SEO, VA
    Location:
    battle field
    Home Page:
    what is the source where they originally posted by hackers ??