Yahoo Fixes Security Vulnerability
Yahoo has fixed a security vulnerability that allowed hackers to obtain and expose online about 450,000 user names and passwords, according to a company blogpost Friday.
The company had acknowledged the breach, which affected users of a service called the Yahoo Contributor Network, earlier in the week.
The hacked credentials were part of a “standalone file” containing Contributor Networkcredentials from before May 2010, when Yahoo purchased the company, according to Yahoo. The Network pays contributors modest sums to generate search engine-optimized content. Credentials in the file were “not used to grant access to Yahoo systems and services.”
Yahoo also said it has deployed additional security measures for affected users and strengthened itsunderlying security controls. It is also in the process of notifying affected users, and said it plans to continue to take “significant measures” to protect users and their data. Yahoo recommends that Contributor Network account holders change their sign-on information if they have not done so since before May 2010.
A hacking group calledD33Ds Company has taken responsibility for the hack.