homepage Welcome to WebmasterWorld Guest from 23.21.9.44
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Yahoo / Yahoo Corporate
Forum Library, Charter, Moderator: open

Yahoo Corporate Forum

    
Yahoo Mail User Accounts Compromised
engine




msg:4641525
 12:22 pm on Jan 31, 2014 (gmt 0)

The security message indicates posted by Jay Rossiter, SVP, Platforms and Personalization Products on the blog says it may have come from a third party database. I might ask what the third party was doing with the database in the first place.


Security attacks are unfortunately becoming a more regular occurrence. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts.Yahoo Mail User Accounts Compromised [yahoo.tumblr.com]
Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo’s systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.

 

ZydoSEO




msg:4641663
 3:04 am on Feb 1, 2014 (gmt 0)

I think they are talking about a 3rd party DB like when 6MM username/passwords were stolen from LinkedIn. Many of those users were Yahoo! users and used their Yahoo! email to log into LinkedIn. AND to make matters worse, their LinkedIn password was the same as their Yahoo! password.

So when 3rd party DBs are compromised that have email/password, if it is a Yahoo! or Gmail account then the first thing they try to do is go to that email account at Yahoo! or Gmail and try to login with that username and the 3rd party password. You'd be surprised how many times they use the same password as their real email account password.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Yahoo / Yahoo Corporate
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved