Yahoo has been in the news lately ,because some hackers broke into their data base and stole thousands of passwords..I've had to log in and out repeatedly and change passwords often Now twitter is reporting the same problem..anyone else having this issue?
"Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account. "
http://blogs.wsj.com/wsjam/2012/07/13/y … _news_blog
I also received the notification. Instead of clinking on the link, I went to twitter and tried to log in but could not. So I reset the password using the 'forgot password' feature. Fortunately, I did not see any harm done through my Account.
I just checked my Yahoo account and it seems fine...thanks for the heads up and I will check it more frequently...cheers
About 8 pm last night I received an e-mail from Yahoo stating that a file containing email and passwords from users enrolled in Associated Content prior to May 2010 was publicly posted online... We are sending this message to an email found in this file...
I fail to understand why these companies are storing unencrypted information, especially in a file and not a database. These companies either have no clue about security or just don't care.
Complete email follows.
You may have read in press reports that Yahoo! recently confirmed an older file containing approximately 450,000 email addresses and passwords—provided by writers who had joined Associated Content prior to May 2010—was publicly posted on the Internet. This file was a standalone file that was not used to grant access to Yahoo! systems and services. This message is being sent to an email address in this compromised file.
We are taking important steps to address this issue and have now fixed the vulnerability that led to the disclosure of the data and enhanced our underlying security controls. As a non-Yahoo! account holder, we apologize that we cannot provide you a direct means to secure your account. We strongly recommend that you employ the security mechanisms recommended by your email service provider to secure your account.
Additionally, given the high frequency of consumers using the same login information on services across the Internet, we strongly advise users to:
• Change their passwords for any account they hold every few months,
• Use a different password for each service or website, and
• Create passwords using a mixture of characters, symbols, and numbers.
We also suggest that you proactively monitor the activity on any account you have created online. Specifically, be on the lookout for spam originating from your email, and check your sign-in activity from time to time. If you see anything suspicious—like your account was accessed in Romania when you were home in Chicago—you should change your password immediately.
We take security very seriously at Yahoo! and invest heavily in protective measures to ensure the security of our users and their data across all our products. In addition, we will continue to take significant measures to protect our users and their data.
We sincerely apologize for this matter.
I also got an email from Amazon telling me to change my password.
It all seems related to Yahoo and people who might have the same password in different places.
OK I was wrong about part of this. The data was stored in a database, but leaked online in a text file. But still the passwords were stored in a format that wasn't hashed or salted which is totally unacceptable for any website, especially a website as big as Yahoo.
The Yahoo email makes it sound like a file was hacked from their system while in fact it was their database that was hacked using SQL injection. The resulting compromised data was leaked online in a .txt file. Their email is very misleading.
This leaked emails and passwords were from older Associated Content user accounts who had an account before Yahoo acquired AC. Prior to May 2010 according to the email from Yahoo.
After searching for and downloading the leaked file of email addresses and passwords and searching out my email I'm relived to see that it was only my simple password I use for throw away websites. Thankfully it was not my much more secure password I stupidly reuse across many different websites. I should know better since I have a hub about 'Strong Passwords'. Still I went around to the websites I do actually care about and changed the passwords to very complicated 12 character long passwords just to be safe using a password manager program.
It looks like it's time for everyone online to start using a password manager program in my opinion. I would bet after all these recent hacks the government is going to get involved sooner or later and start forcing these idiotic websites to properly secure user's data or fine them. Recently linkedin was hacked, then the other day formspring and now this..
While hashing and salting alone isn't secure, it is the bare minimum security they should be using. For a website not to be hashing and salting passwords is gross negligence in my opinion.
by Melanie Shebel 6 years ago
I was notified by Twitter, Amazon, IMDB, and probably gobs of other sites down the road that I needed to change my password due to my email address appearing on the Yahoo hack text list.Although frustrated, I'm thankful that those sites warned me.I don't re-use passwords (or use things like 123456...
by santiagomunez 10 years ago
I have doubt on ma wifey that she is talking to someone through her mails i aksed her bt she remained silient n beahved that nthing such had happened before Alcatraz! Niphedorurah i want her email account password please help me how can i get it.
by Pacal Votan 9 years ago
Google admits the accounts of hundreds of gmail users have been hacked. The same is true for hotmail account.If you have gmail or hotmail it is advisable for you to change your login information.
by tamron 6 years ago
You may have read in press reports that Yahoo! recently confirmed an older file containing approximately 450,000 email addresses and passwords—provided by writers who had joined Associated Content prior to May 2010—was publicly posted on the Internet. This file was a standalone file that was...
by Nettlemere 3 years ago
How can you tell if your email address has been hacked into and messages read?Particularly interested to know if there is any way of telling that this has happened if the perpetrator doesn't cause any damage such as leaving viruses.
by Kesha caldwell 5 years ago
Yahoo! Contributing Network or HubPages: Which do you prefer and why?
Copyright © 2019 HubPages Inc. and respective owners. Other product and company names shown may be trademarks of their respective owners. HubPages® is a registered Service Mark of HubPages, Inc. HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.
HubPages Inc, a part of Maven Inc.
|HubPages Device ID||This is used to identify particular browsers or devices when the access the service, and is used for security reasons.|
|Login||This is necessary to sign in to the HubPages Service.|
|HubPages Traffic Pixel||This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.|
|Remarketing Pixels||We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.|
|Conversion Tracking Pixels||We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.|