Richi Jennings

Yahoo! Voices hack reveals 453,492 passwords, claims D33Ds Company

July 12, 2012 6:05 AM EDT

Yahoo! Voices (née Associated Content) has been hacked by a group calling itself D33Ds Company. The perps claim to have lifted almost half a million login credentials using a SQL-injection attack. In IT Blogwatch, bloggers change their Yahoo! (NASDAQ:YHOO) passwords, just in case.
By Richi Jennings: Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: The Queen's royal sausages...
Dave Kennedy broke the story:

[But his website was crushed by the load -Ed.]       M0RE

So let's turn to Dan Goodin, at his new home:

The [passwords] posted on a public website by a hacking collective [who] said it penetrated the Yahoo subdomain using...a union-based SQL injection.
To support their claim, the hackers posted what they said were the plaintext credentials for 453,492...accounts.       M0RE

And Andy Greenberg raids the wayback machine:

Do you Yahoo? Then you may want to change your account’s password.
D33Ds Company claimed...that the hack was intended to warn Yahoo! about similar vulnerabilities in its sites...“We hope that the parties responsible...will take this as a wake-up call. ... There have been many [Yahoo!] security holes...that have caused far greater damage than [this]. ... The subdomain and vulnerable parameters have not been posted to avoid further damage.”       M0RE.

In case you missed it, John "John" Koetsier repeats the advice advice:

...the affected service is... Yahoo Voices, the user-generated content service. ... Which means that if you’ve ever contributed content to Yahoo Voices or Associated Content...change your passwords.
[This is probably] case of hackers finding an old user account backup...[but]  many people do not use unique usernames or passwords for different sites...[so] change your passwords!       M0RE

Meanwhile, the Open Security Foundation notes this fascinating fact:

20 passwords have "squirrel" in them!       M0RE

And Finally...
The Queen's royal sausages
[don't watch while eating!]