Yahoo Voices Hacked, Usernames and Passwords Posted Online. (opens in new tab)

(news.yahoo.com)

52 pointsautomagical13y ago22 comments

22 comments

22 comments · 13 top-level

techinsidr13y ago· 2 in thread

This story is incorrect to boot. It was Yahoo! VOICES with an (S) not Yahoo Voice.

ovi25613y ago

Well, I find it pretty ridiculous that Yahoo has so many products that Voice and Voices are different products.

dhughes13y ago

I've never heard of either...either.

exim13y ago· 2 in thread

I can understand the joy feeling for someone to hack something, but what's the point of posting people's passwords online?

tomjen313y ago

Could be blackmail gone unanswered (e.g pay us or we publish), could be hatred of Yahoo (either a competitioner, an employee, or just someone who feels wronged).

Or it could be a need to prove onself -- see what I can do, now fear my wrath.

Or it could simply be hatred of humanity, you embarrass people enough and they may lass out on you -- in this case by putting your password online, in other cases by bringing a gun to school.

Summing up, it strongly depends on who did it.

hessenwolf13y ago

Yes, it really is a douchey thing to do.

geekin13y ago· 2 in thread

WTF - Yahoo news posting about Yahoo's username password hacked...this is seriously ridiculous.

s_henry_paulson13y ago

No, ridiculous would be them trying to cover it up.

This is perfectly normal.

tathagatadg13y ago

I guess its surprising that it does not cite a official press release from the company, (which is what you would normally expect), but to another news site. Also if one of your products faces such a crisis situation, would you want your users to read the company's reaction in such dispassionate, unapologetic language?

drostie13y ago· 1 in thread

At the risk of essentially slashdotting myself or making my web host very angry at me, I have stripped out the passwords so that the only component remaining is the email addresses, in case you want to check whether you were part of the breach. (I was not! hooray!)

I am hosting this at: http://drostie.org/yahoo_leak.txt . If I receive too much traffic I may simply pastebin it.

zecho13y ago

Thank you. One of my email addresses is there. Thankfully it's just an account I use for fantasy baseball. Super obnoxious, though.

jgroome13y ago· 1 in thread

I love how this is a story about Yahoo, reported on Mashable, then cross-posted to Yahoo News.

jeremyarussell13y ago

http://cheezburger.com/6419346176?utm_source=trans&utm_m...

I made this for that very reason.

bigodines13y ago· 1 in thread

I think these accounts were prior to Yahoo! Acquisition of associatedcontent. There is NO WAY for a "native" yahoo property to store plain text passwords. Of course this is a yahoo fault to buy a company with such a weak security...

If this was a leak in yahoo, the number of users with a yahoo e-mail would be much, much higher.

tathastu13y ago

I presume that means also that the passwords could be different from the actual yahoo account passwords? Of course people might have kept them the same...

dhawalhs13y ago

A co-worker's Yahoo account started IM'ing spam links to everybody in his friend list yesterday. This might be why.

davedd13y ago

We did an analysis of the dump:

http://blog.sucuri.net/2012/07/analysis-of-yahoo-voice-passw...

Interesting is the lack of "yahoo" as part of the passwords... I would expect a much higher % from a yahoo leak.

1 more reply

charliesome13y ago

It's a bit sad that the first bit of correspondence from Yahoo was actually just a syndicated news article from another source.

It makes you stop and think about whether they take security and their customers seriously.

mistermann13y ago

Anyone know exactly what it means to be a yahoo voice user? I use yahoo chat, and I think I've used voice chat in the past, but I don't see my username in the dump drostie posted.

rb2k_13y ago

Is there a simple and free service that sends me an email once my address shows up in one of the various dumps that leak to the net these days?

davedd13y ago

A quick tool for end users to check if their emails were compromised:

http://labs.sucuri.net/?yahooleak

SaulOfTheJungle13y ago

Something something nail in the coffin.

j / k navigate · click thread line to collapse

22 comments

22 comments · 13 top-level

techinsidr13y ago· 2 in thread

This story is incorrect to boot. It was Yahoo! VOICES with an (S) not Yahoo Voice.

ovi25613y ago

Well, I find it pretty ridiculous that Yahoo has so many products that Voice and Voices are different products.

dhughes13y ago

I've never heard of either...either.

exim13y ago· 2 in thread

I can understand the joy feeling for someone to hack something, but what's the point of posting people's passwords online?

tomjen313y ago

Could be blackmail gone unanswered (e.g pay us or we publish), could be hatred of Yahoo (either a competitioner, an employee, or just someone who feels wronged).

Or it could be a need to prove onself -- see what I can do, now fear my wrath.

Or it could simply be hatred of humanity, you embarrass people enough and they may lass out on you -- in this case by putting your password online, in other cases by bringing a gun to school.

Summing up, it strongly depends on who did it.

hessenwolf13y ago

Yes, it really is a douchey thing to do.

geekin13y ago· 2 in thread

WTF - Yahoo news posting about Yahoo's username password hacked...this is seriously ridiculous.

s_henry_paulson13y ago

No, ridiculous would be them trying to cover it up.

This is perfectly normal.

tathagatadg13y ago

drostie13y ago· 1 in thread

I am hosting this at: http://drostie.org/yahoo_leak.txt . If I receive too much traffic I may simply pastebin it.

zecho13y ago

Thank you. One of my email addresses is there. Thankfully it's just an account I use for fantasy baseball. Super obnoxious, though.

jgroome13y ago· 1 in thread

I love how this is a story about Yahoo, reported on Mashable, then cross-posted to Yahoo News.

jeremyarussell13y ago

http://cheezburger.com/6419346176?utm_source=trans&utm_m...

I made this for that very reason.

bigodines13y ago· 1 in thread

If this was a leak in yahoo, the number of users with a yahoo e-mail would be much, much higher.

tathastu13y ago

I presume that means also that the passwords could be different from the actual yahoo account passwords? Of course people might have kept them the same...

dhawalhs13y ago

A co-worker's Yahoo account started IM'ing spam links to everybody in his friend list yesterday. This might be why.

davedd13y ago

We did an analysis of the dump:

http://blog.sucuri.net/2012/07/analysis-of-yahoo-voice-passw...

Interesting is the lack of "yahoo" as part of the passwords... I would expect a much higher % from a yahoo leak.

1 more reply

charliesome13y ago

It's a bit sad that the first bit of correspondence from Yahoo was actually just a syndicated news article from another source.

It makes you stop and think about whether they take security and their customers seriously.

mistermann13y ago

Anyone know exactly what it means to be a yahoo voice user? I use yahoo chat, and I think I've used voice chat in the past, but I don't see my username in the dump drostie posted.

rb2k_13y ago

Is there a simple and free service that sends me an email once my address shows up in one of the various dumps that leak to the net these days?

davedd13y ago

A quick tool for end users to check if their emails were compromised:

http://labs.sucuri.net/?yahooleak

SaulOfTheJungle13y ago

Something something nail in the coffin.

j / k navigate · click thread line to collapse