Yahoo has been in the news lately ,because some hackers broke into their data base and stole thousands of passwords..I've had to log in and out repeatedly and change passwords often Now twitter is reporting the same problem..anyone else having this issue?
"Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account. "
http://blogs.wsj.com/wsjam/2012/07/13/y … _news_blog
I also received the notification. Instead of clinking on the link, I went to twitter and tried to log in but could not. So I reset the password using the 'forgot password' feature. Fortunately, I did not see any harm done through my Account.
I just checked my Yahoo account and it seems fine...thanks for the heads up and I will check it more frequently...cheers
About 8 pm last night I received an e-mail from Yahoo stating that a file containing email and passwords from users enrolled in Associated Content prior to May 2010 was publicly posted online... We are sending this message to an email found in this file...
I fail to understand why these companies are storing unencrypted information, especially in a file and not a database. These companies either have no clue about security or just don't care.
Complete email follows.
You may have read in press reports that Yahoo! recently confirmed an older file containing approximately 450,000 email addresses and passwords—provided by writers who had joined Associated Content prior to May 2010—was publicly posted on the Internet. This file was a standalone file that was not used to grant access to Yahoo! systems and services. This message is being sent to an email address in this compromised file.
We are taking important steps to address this issue and have now fixed the vulnerability that led to the disclosure of the data and enhanced our underlying security controls. As a non-Yahoo! account holder, we apologize that we cannot provide you a direct means to secure your account. We strongly recommend that you employ the security mechanisms recommended by your email service provider to secure your account.
Additionally, given the high frequency of consumers using the same login information on services across the Internet, we strongly advise users to:
• Change their passwords for any account they hold every few months,
• Use a different password for each service or website, and
• Create passwords using a mixture of characters, symbols, and numbers.
We also suggest that you proactively monitor the activity on any account you have created online. Specifically, be on the lookout for spam originating from your email, and check your sign-in activity from time to time. If you see anything suspicious—like your account was accessed in Romania when you were home in Chicago—you should change your password immediately.
We take security very seriously at Yahoo! and invest heavily in protective measures to ensure the security of our users and their data across all our products. In addition, we will continue to take significant measures to protect our users and their data.
We sincerely apologize for this matter.
Yahoo! Inc.
I also got an email from Amazon telling me to change my password.
It all seems related to Yahoo and people who might have the same password in different places.
OK I was wrong about part of this. The data was stored in a database, but leaked online in a text file. But still the passwords were stored in a format that wasn't hashed or salted which is totally unacceptable for any website, especially a website as big as Yahoo.
The Yahoo email makes it sound like a file was hacked from their system while in fact it was their database that was hacked using SQL injection. The resulting compromised data was leaked online in a .txt file. Their email is very misleading.
This leaked emails and passwords were from older Associated Content user accounts who had an account before Yahoo acquired AC. Prior to May 2010 according to the email from Yahoo.
After searching for and downloading the leaked file of email addresses and passwords and searching out my email I'm relived to see that it was only my simple password I use for throw away websites. Thankfully it was not my much more secure password I stupidly reuse across many different websites. I should know better since I have a hub about 'Strong Passwords'. Still I went around to the websites I do actually care about and changed the passwords to very complicated 12 character long passwords just to be safe using a password manager program.
It looks like it's time for everyone online to start using a password manager program in my opinion. I would bet after all these recent hacks the government is going to get involved sooner or later and start forcing these idiotic websites to properly secure user's data or fine them. Recently linkedin was hacked, then the other day formspring and now this..
While hashing and salting alone isn't secure, it is the bare minimum security they should be using. For a website not to be hashing and salting passwords is gross negligence in my opinion.
by Melanie Palen 11 years ago
I was notified by Twitter, Amazon, IMDB, and probably gobs of other sites down the road that I needed to change my password due to my email address appearing on the Yahoo hack text list.Although frustrated, I'm thankful that those sites warned me.I don't re-use passwords (or use things like 123456...
by My Inner Jew 14 years ago
My account has been hacked and I have only just now gotten into it. Well, I should say my everything has been hacked...email, hubpages, facebook....My password has been changed on everything. The only reason I could get here now is because I left my hubpage account here up on another...
by Mark 12 years ago
I was recently hacked from facebook by a person pretending that she wanted to join hubpages.I sent her some emails from my eail account not thru facebook.I GOT HACKED.Is there anyway I can make sure that they haven't cahged any of y affiliate settings on HUbpages..and Google &...
by santiagomunez 15 years ago
I have doubt on ma wifey that she is talking to someone through her mails i aksed her bt she remained silient n beahved that nthing such had happened before Alcatraz! Niphedorurah i want her email account password please help me how can i get it.
by N. Ramius 13 years ago
I just came across this news article:http://money.cnn.com/2010/05/18/technol … /index.htmThought I'd share since some of you write for AC.
by Laurel Rogers 11 years ago
Most of these 'communications' are unsolicited-like hair restoration ads!-though they claim I did subscribe. I've spent most of the day unsubscribing from all of them, and I have 3,604 to go. Needless to say, I'm exhausted and somewhat p*ssed. No time for writing!I understand...
Copyright © 2024 The Arena Media Brands, LLC and respective content providers on this website. HubPages® is a registered trademark of The Arena Platform, Inc. Other product and company names shown may be trademarks of their respective owners. The Arena Media Brands, LLC and respective content providers to this website may receive compensation for some links to products and services on this website.
Copyright © 2024 Maven Media Brands, LLC and respective owners.
As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.
For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://corp.maven.io/privacy-policy
Show DetailsNecessary | |
---|---|
HubPages Device ID | This is used to identify particular browsers or devices when the access the service, and is used for security reasons. |
Login | This is necessary to sign in to the HubPages Service. |
Google Recaptcha | This is used to prevent bots and spam. (Privacy Policy) |
Akismet | This is used to detect comment spam. (Privacy Policy) |
HubPages Google Analytics | This is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy) |
HubPages Traffic Pixel | This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized. |
Amazon Web Services | This is a cloud services platform that we used to host our service. (Privacy Policy) |
Cloudflare | This is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy) |
Google Hosted Libraries | Javascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy) |
Features | |
---|---|
Google Custom Search | This is feature allows you to search the site. (Privacy Policy) |
Google Maps | Some articles have Google Maps embedded in them. (Privacy Policy) |
Google Charts | This is used to display charts and graphs on articles and the author center. (Privacy Policy) |
Google AdSense Host API | This service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy) |
Google YouTube | Some articles have YouTube videos embedded in them. (Privacy Policy) |
Vimeo | Some articles have Vimeo videos embedded in them. (Privacy Policy) |
Paypal | This is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy) |
Facebook Login | You can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy) |
Maven | This supports the Maven widget and search functionality. (Privacy Policy) |
Marketing | |
---|---|
Google AdSense | This is an ad network. (Privacy Policy) |
Google DoubleClick | Google provides ad serving technology and runs an ad network. (Privacy Policy) |
Index Exchange | This is an ad network. (Privacy Policy) |
Sovrn | This is an ad network. (Privacy Policy) |
Facebook Ads | This is an ad network. (Privacy Policy) |
Amazon Unified Ad Marketplace | This is an ad network. (Privacy Policy) |
AppNexus | This is an ad network. (Privacy Policy) |
Openx | This is an ad network. (Privacy Policy) |
Rubicon Project | This is an ad network. (Privacy Policy) |
TripleLift | This is an ad network. (Privacy Policy) |
Say Media | We partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy) |
Remarketing Pixels | We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites. |
Conversion Tracking Pixels | We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service. |
Statistics | |
---|---|
Author Google Analytics | This is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy) |
Comscore | ComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy) |
Amazon Tracking Pixel | Some articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy) |
Clicksco | This is a data management platform studying reader behavior (Privacy Policy) |