Yahoo website breached – 450k usernames and passwords posted online, in plaintext

By on

Can we say #facepalm? Yahoo has suffered a massive data breach, with hackers attacking a service called Yahoo Voices and posting 450,000 usernames and passwords. Here’s the kicker – they are all in plaintext and it appears there wasn’t any encryption.

Yahoo Voices, also known as Associated Content, has been pointed by TrustedSec where the breach occurred – though there has been some confusion because Yahoo Voices is Associated Content, Yahoo Voice is their VoIP service. Voices is where people contribute content for Yahoo’s own services such as Yahoo News, Finance, Sports and other titles.

TrustedSec notes that those responsible used an SQL injection to get the information, and posted the information on a hacker site known as D33D Company.

TECHGEEK.com.au has sent an email asking for Yahoo to confirm or deny the story.

Join the Conversation