Custom Search
Protected by Copyscape Duplicate Content Tool

Friday, July 20, 2012

Yahoo Mail: Hacked

Have you received an email from a contact in your Yahoo Mail that contains nothing but a URL link to a certain medicine company website? Yet, it seems absurd since you know that your friend is not in any way connected with that particular website or company and when you ask your friend about the email, the person does not know anything about it. Well, it seems that Yahoo Mail has been hacked.

Last Saturday, I have heard from a radio program that Yahoo has admitted that indeed, Yahoo Mail service has been hacked. According to a source, it has affected around 450,000 users.

In the said radio program, IT expert Jerry Liao enumerated three blunders that Yahoo committed, which experts say, in one way or another, had caused this problem.
  1. No Encryption- Yahoo stores passwords in their servers unencrypted. This means that they stored passwords in plain text in their server. They did not hide sensitive information like those.
  2. Server Monitoring- Yahoo does not monitor what is happening with their server. It is like a bank without a security guard or CCTV cameras in place.
  3. Privileged Entry- Anybody who enters their server can go anywhere and open anything inside. They did not provide adequate restriction.
Perhaps Yahoo has addressed this hacking issue at hand. Even if Yahoo Mail is a free web-mail service, the users also expect a level of security that would ensure their privacy most especially those who are using the paid services that Yahoo offers.

Meanwhile, IT expert Jerry Liao, suggests that users of web-mail service and social networks should avoid using the same password for all their accounts and as much as possible, change them at least three times in a year. This would add more security against dynamic hackers around the net.
In Yahoo Mail's Facebook Account, Yahoo has written:
"At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo! and other company users names and passwords was compromised yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to all affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at We also recommend these Yahoo! Account Security options to further protect your account |"

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...