Digital Transformation

Yahoo data breach sees loss of more than 400,000 passwords

Accounts on Yahoo and other sites may have been exposed by hackers

Internet giant Yahoo revealed last week that it suffered a data breach which resulted in around 450,000 user passwords being exposed by hackers, with account details for its own and other sites said to have been compromised.

According to reports, the company’s Yahoo Contributor Network – a service which allows users to upload their own content – came under attack from hacking group D33D, and people who had signed up with their personal emails may have also had their login details for accounts on sites such as Google and MSN obtained by criminals.

However, Yahoo has attempted to quell any fears, saying that only a small minority of the passwords that went missing could potentially lead to leaks elsewhere.

“Less than five per cent of the Yahoo accounts had valid passwords. We are taking immediate action by fixing the vulnerability that led to the disclosure of this data by… changing the passwords of the affected Yahoo users and notifying the companies whose users accounts may have been compromised,” the company said in a statement.

Yet despite D33D publishing the unencrypted file on its site, it claimed that it hopes security organisations “will take this as a wake-up call, and not as a threat”.

Whether or not the incident results in members of the public having their sensitive data accessed by cyber criminals and used for illegal purposes remains to be seen, but people who use Yahoo’s network will be hoping that the organisation is able to quickly resolve any issues and prevent any reoccurrences in the future.

Indeed, the event itself highlights the need for companies to have sufficient data protection strategies in place in order to protect the confidential details of its users, and this is imperative for both safeguarding the public’s information and preventing any threat to a brand’s reputation.