/// Another Bad Day for Passwords, This Time at Yahoo

July 12, 2012  |  All Things Digital


Shutterstock/Péter Gudella Yahoo confirmed today that a bunch of passwords — more than 450,000 of them, to be exact — have been stolen. The breach of Yahoo’s servers was supposedly the work of a group of hackers that called itself the D33D Company, saying in a post that the action was meant to wake up Yahoo’s computer security team and not for malicious purposes. As data breaches go, the number of accounts compromised wasn’t that large. Earlier this summer, LinkedIn suffered a breach that compromised the passwords of some six million of its customers. In LinkedIn’s case, the passwords were stored in a marginally scrambled state — not strongly encrypted as they should have been, but in a mixed-up state, using an old, easy-to-break hashing technique known as MD5. In the case of Yahoo, the passwords are said to have been stored in raw plaintext, which anyone with even the slightest bit of training in IT security knows is a no-no.

Go here to see the original:
Another Bad Day for Passwords, This Time at Yahoo



Leave a Reply