Yahoo Hack

Jump to Last Post 1-6 of 6 discussions (13 posts)
  1. melbel profile image94
    melbelposted 7 years ago

    I was notified by Twitter, Amazon, IMDB, and probably gobs of other sites down the road that I needed to change my password due to my email address appearing on the Yahoo hack text list.

    Although frustrated, I'm thankful that those sites warned me.

    I don't re-use passwords (or use things like 123456 as my password as the text list shows to be extremely common), so fortunately, I was just locked out of my accounts based on the fact that my email appeared on the list. I could only hope that others could be so lucky.

    I thought it would be nice if HP sent a warning to users because a bulk of the username/password credentials stolen were from Associated Content, a writing site that many hubbers use.

    There is a searchable cleartext list via Dazzlepod that HubPages could utilize in order to notify hubbers whose credentials appear on said list. Or maybe a PSA like, "Check your email address against this list. And don't reuse passwords."

    Just a thought.

    1. galleryofgrace profile image71
      galleryofgraceposted 7 years agoin reply to this

      You guys be careful- the email I received from Twitter was a scam. Or rather they claimed to be twitter. Never click on the links in the email. If you do, the site you arrive at is probably the scammers site. Many of them look very real. And if you go and change your password using their link you just gave them access to your account.
      I knew this because the email address they sent the phishing email to is not the one I use for twitter.

  2. Pearldiver profile image78
    Pearldiverposted 7 years ago


    It's far more than...

    'Just a Thought'

  3. Kangaroo_Jase profile image79
    Kangaroo_Jaseposted 7 years ago

    Because of this debacle, Ive had to change my passwords for 7 sites who got spooked about this.


    When I was in the corporate world, I had to change my password to my company account every month. I have never seen this for any site I use on the internet. Ever.

    Now THERE is an interesting thought.

  4. lorlie6 profile image81
    lorlie6posted 7 years ago

    I went to dazzlepod yesterday and apparently my accounts are okay.  But this situation is absolutely frightening-lesson learned.

    1. galleryofgrace profile image71
      galleryofgraceposted 7 years agoin reply to this

      Care to explain to the rest of us - exactly how you did that since dazlepod is simply a business website for which you all have caused many people to visit?

      1. profile image0
        Chris Hughposted 7 years agoin reply to this

        Google "dazzlepod yahoo" and you'll see that dazzlepod lets you check and see if your mail address was one of the ones hacked. Does that clear this up for you? Thanks for the friendly, open tone of your question. It's great to see questions asked and answered without insinuations.

      2. melbel profile image94
        melbelposted 7 years agoin reply to this

        Dazzlepod is just one of many sites that allows you to search by your email address to see if you were one of the several thousand users whose credentials were stolen by a group of hackers.

        While I'm not big on "hey, visit this company's site", they offer a helpful service in a time when a lot of people are finding themselves locked out of their online accounts. And, in fact, I didn't openly suggest that all hubbers check their email against dazzlepods list, but rather that HubPages use their database to create a list of hubbers they should warn. And who cares if it's dazzlepod that offers a free, searchable database for users to check? I didn't see an email from Yahoo saying, "Hey, Melanie, your sh*t's been stolen." If they profit in any way from it (do they show ads? idk), I don't have a problem with it, because really it's a service that really Yahoo! should be taking care of since it was their database that was hacked in the first place.

        PBS offers a similar service, but I found their database slow-to-load which probably wouldn't be a good option if you're going to be programatically searching a database (which is what I've proposed to HP staff.)

        And yes, don't click links in emails. That said, I truly was locked out of my Twitter, IMDB, and Amazon accounts since they did what I'm proposing what HP do: Notify hubbers if their email address appears on the list.

        Why? Because tons of people use the same password and handle across a number of accounts.

        If you used with the password thisismypassword123 on Associated Content, it's likely that your password to login to HubPages is thisismypassword123. Maybe it's the same login info you use on Twitter, Amazon, and even your email account. If you reuse passwords AND appear on the stolen credential list, congratulations, a large group of hackers and, well now tons of people know your login information (potentially across several sites) since handles and passwords were publicly released on a text list via Twitter. Thus anyone can try your email and password set across several hundred sites to see if they can "get in".

        Bank accounts, HubPages, AdSense (heck, your entire Google account), eBay, whatever.

        And yeah, it only really pertains to people who reuse passwords, but enough people do this that it warrants a PSA.

  5. Dave Mathews profile image60
    Dave Mathewsposted 7 years ago

    I don't understand how there is a need to change your password here on Hub since we are a group of writers?

    1. Kangaroo_Jase profile image79
      Kangaroo_Jaseposted 7 years agoin reply to this

      No changes at this stage for HubPages Dave.

    2. melbel profile image94
      melbelposted 7 years agoin reply to this

      If you use the same password here as you use on other sites, there would be a need to change your password.

  6. viryabo profile image95
    viryaboposted 7 years ago

    I just checked dazzlepod and got this message:
    "You have been banned temporarily for making too many requests"

    Now this is baffling because i only tried to check a couple of minutes ago. 1 time!
    I remember when i tried to sign in a fw days ago, my "Security seal" (or something like that) was missing, so i just didn't sign in.

    Should i just change my P/W?

    1. melbel profile image94
      melbelposted 7 years agoin reply to this

      Hmm, that's really strange! I don't see a login form on the dazzlepod cleartext list anywhere. There's just a search box. Are you sure you're on the correct site? I don't see a login form anywhere on their site. is the url for the searchable database, no login there, either. :S

      On a side note, if your time and date are incorrect on your computer, that would cause security certificate issues. Just noting this since it's the most common cause for cert problems, for me at least.


This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

Show Details
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)