Yahoo passwords were stored unencrypted and stolen via a SQL injection attack, attackers claim. Meanwhile, Formspring resets passwords for 28 million users after a password breach.
By Mathew J. Schwartz InformationWeek
July 12, 2012 08:59 AM
Yahoo Voice users: Change your Yahoo password immediately.
A hacker or hacking group that bills itself as "DD3Ds Company" Thursday leaked what it said were plaintext passwords for 453,492 Yahoo accounts, as well as over 2,700 database table or column names, and 298 MySQL variables. DD3Ds said it obtained the data by executing a SQL injection attack against an unnamed Yahoo subdomain, which security experts have identified as being Yahoo Voice.
You do not have permission to view link Log in or register now.
Updated 07:42 p.m., Wednesday, July 11, 2012
Social network Formspring reset passwords for all of its 28 million members Wednesday after hackers posted password information to about 420,000 accounts online.