ID: IRCNE2012071552
Date: 2012-07-14
According to "zdnet", earlier this week, the hacker group D33ds Company claimed responsibility for attacking a Yahoo service and exposing 450,000 plain text login credentials. It had exploited a basic SQL injection vulnerability in a Yahoo service to steal the usernames and passwords associated with 453,000 accounts. The group published the passwords and email addresses on the Web.
Yahoo then confirmed that the accounts were compromised, though it emphasized less than 5 percent of the credentials were valid. Yahoo also confirmed that the stolen account credentials belonged to registered users of its Yahoo Contributor Network, which was previously known as Associated Content.
Yahoo today closed the saga by fixing the flaw in question.
Interestingly, the last time Yahoo provided a statement, the number of compromised accounts was 400,000.
If you have a Yahoo account, you should change your password, just to be on the safe side. Furthermore, if you use the same e-mail address and password combination elsewhere, you should change it there as well.