Yahoo has been in the news lately ,because some hackers broke into their data base and stole thousands of passwords..I've had to log in and out repeatedly and change passwords often Now twitter is reporting the same problem..anyone else having this issue?
"Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account. "
http://blogs.wsj.com/wsjam/2012/07/13/y … _news_blog
I also received the notification. Instead of clinking on the link, I went to twitter and tried to log in but could not. So I reset the password using the 'forgot password' feature. Fortunately, I did not see any harm done through my Account.
I just checked my Yahoo account and it seems fine...thanks for the heads up and I will check it more frequently...cheers
About 8 pm last night I received an e-mail from Yahoo stating that a file containing email and passwords from users enrolled in Associated Content prior to May 2010 was publicly posted online... We are sending this message to an email found in this file...
I fail to understand why these companies are storing unencrypted information, especially in a file and not a database. These companies either have no clue about security or just don't care.
Complete email follows.
You may have read in press reports that Yahoo! recently confirmed an older file containing approximately 450,000 email addresses and passwords—provided by writers who had joined Associated Content prior to May 2010—was publicly posted on the Internet. This file was a standalone file that was not used to grant access to Yahoo! systems and services. This message is being sent to an email address in this compromised file.
We are taking important steps to address this issue and have now fixed the vulnerability that led to the disclosure of the data and enhanced our underlying security controls. As a non-Yahoo! account holder, we apologize that we cannot provide you a direct means to secure your account. We strongly recommend that you employ the security mechanisms recommended by your email service provider to secure your account.
Additionally, given the high frequency of consumers using the same login information on services across the Internet, we strongly advise users to:
• Change their passwords for any account they hold every few months,
• Use a different password for each service or website, and
• Create passwords using a mixture of characters, symbols, and numbers.
We also suggest that you proactively monitor the activity on any account you have created online. Specifically, be on the lookout for spam originating from your email, and check your sign-in activity from time to time. If you see anything suspicious—like your account was accessed in Romania when you were home in Chicago—you should change your password immediately.
We take security very seriously at Yahoo! and invest heavily in protective measures to ensure the security of our users and their data across all our products. In addition, we will continue to take significant measures to protect our users and their data.
We sincerely apologize for this matter.
I also got an email from Amazon telling me to change my password.
It all seems related to Yahoo and people who might have the same password in different places.
OK I was wrong about part of this. The data was stored in a database, but leaked online in a text file. But still the passwords were stored in a format that wasn't hashed or salted which is totally unacceptable for any website, especially a website as big as Yahoo.
The Yahoo email makes it sound like a file was hacked from their system while in fact it was their database that was hacked using SQL injection. The resulting compromised data was leaked online in a .txt file. Their email is very misleading.
This leaked emails and passwords were from older Associated Content user accounts who had an account before Yahoo acquired AC. Prior to May 2010 according to the email from Yahoo.
After searching for and downloading the leaked file of email addresses and passwords and searching out my email I'm relived to see that it was only my simple password I use for throw away websites. Thankfully it was not my much more secure password I stupidly reuse across many different websites. I should know better since I have a hub about 'Strong Passwords'. Still I went around to the websites I do actually care about and changed the passwords to very complicated 12 character long passwords just to be safe using a password manager program.
It looks like it's time for everyone online to start using a password manager program in my opinion. I would bet after all these recent hacks the government is going to get involved sooner or later and start forcing these idiotic websites to properly secure user's data or fine them. Recently linkedin was hacked, then the other day formspring and now this..
While hashing and salting alone isn't secure, it is the bare minimum security they should be using. For a website not to be hashing and salting passwords is gross negligence in my opinion.
by santiagomunez8 years ago
I have doubt on ma wifey that she is talking to someone through her mails i aksed her bt she remained silient n beahved that nthing such had happened before Alcatraz! Niphedorurah i want her email account password...
by Melanie4 years ago
I was notified by Twitter, Amazon, IMDB, and probably gobs of other sites down the road that I needed to change my password due to my email address appearing on the Yahoo hack text list.Although frustrated, I'm thankful...
by ngureco5 years ago
I received the emailed quoted below and wondered if it could be for real. If not, what is the sender of this email aiming at achieving?From: Yahoo! To: Sent: Sunday, May 22, 2011 5:47 PMSubject: Your mailbox has...
by Laurel Rogers4 years ago
I just received this in my email and am not certain what's going on:_______________________________________________________________________________"Hi, lorlie6Twitter believes that your account may have been...
by Kelly Kline Burnett5 years ago
From a marketing perspective, I am trying to navigate Twitter. Do I need a Twitter account for each subject? How many Twitter accounts do you actively manage? Recommendations?
by Audrey Selig11 months ago
It had no Hubpage money in it , but I froze my personal checking account associated with Paypal. I sm receivng emails, I believe, from a Paypal fraud site and also Paypal.
Copyright © 2017 HubPages Inc. and respective owners.
Other product and company names shown may be trademarks of their respective owners.
HubPages® is a registered Service Mark of HubPages, Inc.
HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.