Yahoo Gets Hacked:How Safe Is Your Information Online?

Have you ever wondered where all your online information goes to and in particular where it’s stored? Well if you haven’t, now would be a pretty good time to start paying attention and being more careful of what you disclose to the various search engines be they from Yahoo, Bing, Ask or Google-who by the way never delete your searches from their servers but rather store them in their databases for life! (This shall be our topic of discussion next week), just to mention a few.
So why should you worry about where and how your information is stored? Well for starters, there are several groups of hackers practicing their expertise on the various search engines and websites we have around either as a hobby or as a source of income (paid to do so by third parties who want certain information).
The latest victim of hacking earlier on this week happened to be Yahoo who got about 450,000 of their user accounts hacked into and posted online for the world to see though for a short duration of time. (It’s claimed that Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, BellSouth, Verizon and Live.com user login information were also among the 450,000 user accounts that were posted online though in a smaller ratio as compared to that of Yahoo). Yahoo spokeswoman Kate Wesson said that the company has got about 298 million active Yahoo e-mail users worldwide which means that the compromised data had affected 0.15% of Yahoo’s total user base.
Yahoo was however lucky they were dealing with a group of hackers who call themselves D33Ds Company and who I may reserve the right to call constructive since this was the message they left to Yahoo together with the leaked user accounts:
We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.
Yahoo in its defense came out guns blazing and issued the following statement:
At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.
It is not clear exactly which Yahoo websites were hacked into though Kurt Baumgartner, a security researcher at Kaspersky which is a Russian antivirus firm said that Many of the victims may have been Associated Content users who signed up for the service before Yahoo turned it into Yahoo Voices in 2011.
The hacking occurred just a day after a San Francisco social network called Formspring was forced to reset the passwords for all of its 28 million users after hackers posted password information of about 420,000 members online. To make matters more interesting, just a month ago a similar breach of user security affected the passwords of about 6.5 million members of professional social network LinkedIn.
Anna Brading, a blogger with Sophos Naked Security, said that the list of compromised websites “just seems to keep growing” as she went on to say that
“In a little over a month, we’ve reported on breaches of Formspring, Last.fm, LinkedIn and eHarmony.” Her advice to Yahoo users-“If you use Yahoo Voices, you should probably change your password now.”
So what’s the lesson here? Be careful of how much you want others to know because you never know; next time it might be your information being put out there for the whole world to see……(-_-)