Yahoo says usernames and passwords stolen, information used to gather
names, addresses
The Canadian Press - Thursday, 30 January, 2014

NEW YORK, N.Y. - Usernames and passwords of some of Yahoo's email
customers have been stolen and used to gather personal information
about people those Yahoo mail users have recently corresponded with,
the company said Thursday.
Yahoo didn't say how many accounts have been affected. Yahoo is the
second-largest email service worldwide, after Google's Gmail,
according to the research firm comScore. There are 273 million Yahoo
mail accounts worldwide, including 81 million in the United States.
It's the latest in a string of security breaches that have allowed
hackers to nab personal information using software that analysts say
is ever more sophisticated. Up to 70 million customers of Target
stores had their personal information and credit and debit card
numbers compromised late last year, and Neiman Marcus was the victim
of a similar breach in December.
"It's an old trend, but it's much more exaggerated now because the
programs the bad guys use are much more sophisticated now," says
Avivah Litan, a security analyst at the technology research firm
Gartner. "We're clearly under attack."
Yahoo Inc. said in a blog post on its breach that "The information
sought in the attack seems to be names and email addresses from the
affected accounts' most recent sent emails."
That could mean hackers were looking for additional email addresses to
send spam or scam messages. By grabbing real names from those sent
folders, hackers could try to make bogus messages appear more
legitimate to recipients.
"It's much more likely that I'd click on something from you if we
email all the time," says Richard Mogull, analyst and CEO of Securois,
a security research and advisory firm.
The bigger danger: access to email accounts could lead to more serious
breaches involving banking and shopping sites. That's because many
people reuse passwords across many sites, and also because many sites
use email to reset passwords. Hackers could try logging in to such a
site with the Yahoo email address, for instance, and ask that a
password reminder be sent by email.
Litan said hackers appear to be "trying to collect as much information
as they can on people. Putting all this stuff together makes it easier
to steal somebody's identity."
Yahoo said the usernames and passwords weren't collected from its own
systems, but from a third-party database.
Because so many people use the same passwords across multiple sites,
it's possible hackers broke in to some service that lets people use
email addresses as their usernames. The hackers could have grabbed
passwords stored at that service, filtered out the accounts with Yahoo
addresses and used that information to log in to Yahoo's mail systems,
said Johannes Ullrich, dean of research at the SANS Institute, a group
devoted to security research and education.
The breach is the second mishap for Yahoo's mail service in two
months. In December, the service suffered a multi-day outage that
prompted Yahoo CEO Marissa Mayer to issue an apology.
Yahoo said it is resetting passwords on affected accounts and has
"implemented additional measures" to block further attacks. The
company would not comment beyond the information in its blog post. It
said it is working with federal law enforcement.
http://ca.m.yahoo.com/w/legobpengine/news/yahoo-says-usernames-passwords-stolen-information-used-gather-230554135.html?.b=world%2F%3F.b%3Dindex%252f&.cf3=United+States&.cf4=11&.cf5=The+Canadian+Press&.cf6=%2Fworld%2F&.ts=1391303597&.intl=ca&.lang=en-ca
14 comments

I think all these companies telling us our online payments are totally
secure are lieing. Just a feeling.
A Yahoo! User, Friday, 31 January, 2014

All I have to do is call NSA and ask them to track who stole my
information, sad part no one answered my calls, although I got a
message to call 1-800=BOO HOO.
A Yahoo! User, 19 hrs ago

QUESTION: What is the legal 'duty of care' Yahoo has to protect its
customers from this type of theft? QUESTION: Is Yahoo legally
obligated to inform every customer whose data was stolen? QUESTION:
Can customers take legal action against Yahoo for this type of theft?
Shhhh., Friday, 31 January, 2014

Good thing all my info isn't actually me.
Robert, Friday, 31 January, 2014

Watch all the spam start coming from phishing sources claiming to be
yahoo and wanting us to provide confidential information for account
recovery ... likely the same scammers who did the thefts. How
effectively will yahoo block them and defend us? And why didn't
yahoo's security dent access like gmail does?
dedbeare, Friday, 31 January, 2014
Use a separate credit card for online purchases, and set a limit on it
of somewhere within the range of 2,500 or less. Don't assume that
anything you do on the internet is private.
A Yahoo! User, Thursday, 30 January, 2014

Good thing all my info is already being monitored.
A Yahoo! User, Friday, 31 January, 2014

Hmmm, a number of years ago I would get random emails from people I
did not know with typical stop spam responses. I barely ever use email
and never gave it much thought. =/
A Yahoo! User, Friday, 31 January, 2014

I sure as heck hope that ALL of those whose information has been
stolen are notified by Yahoo, so that they can then initiate legal
action.
Shhhh., Friday, 31 January, 2014

Okay everyone: time for a class action lawsuit against yahoo. Our
identities have been stolen and yahoo's security is at fault. There is
breach of trust here. Our internet providers need to be accountable.
A Yahoo! User, Friday, 31 January, 2014
--
SIBOMANA Jean Bosco
Google+: https://plus.google.com/110493390983174363421/posts
YouTube Channel: http://www.youtube.com/playlist?list=PL9B4024D0AE764F3D
http://www.youtube.com/user/sibomanaxyz999
***Online Time:15H30-20H30, heure de Montréal.***Fuseau horaire
domestique: heure normale de la côte Est des Etats-Unis et Canada
(GMT-05:00)***
Reply via web post | Reply to sender | Reply to group | Start a New Topic | Messages in this topic (1) |
.To post a message: RwandaLibre@yahoogroups.com; .To join: RwandaLibre-subscribe@yahoogroups.com; .To unsubscribe from this group,send an email to:
RwandaLibre-unsubscribe@yahoogroups.com
_____________________________________________________
More news: http://amakurunamateka.blogspot.co.uk/; http://ikangurambaga.blogspot.co.uk/
--------------------------------------------------------------------------