Yahoo! Voices (née Associated Content) has been hacked by a group calling itself D33Ds Company. The perps claim to have lifted almost half a million login credentials using a SQL-injection attack. In IT Blogwatch, bloggers change their Yahoo! (NASDAQ:YHOO) passwords, just in case.
By Richi Jennings: Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: The Queen's royal sausages...
Dave Kennedy broke the story:
[But his website was crushed by the load -Ed.]
So let's turn to Dan Goodin, at his new home:
The [passwords] posted on a public website by a hacking collective [who] said it penetrated the Yahoo subdomain using...a union-based SQL injection.
...To support their claim, the hackers posted what they said were the plaintext credentials for 453,492...accounts.
And Andy Greenberg raids the wayback machine:
In case you missed it, John "John" Koetsier repeats the advice advice:
...the affected service is... Yahoo Voices, the user-generated content service. ... Which means that if you’ve ever contributed content to Yahoo Voices or Associated Content...change your passwords.
...[This is probably] case of hackers finding an old user account backup...[but] many people do not use unique usernames or passwords for different sites...[so] change your passwords!
Meanwhile, the Open Security Foundation notes this fascinating fact:
20 passwords have "squirrel" in them!
[don't watch while eating!]