Yahoo recently announced that their users email and passwords have been hacked and posted online. The download file is a text file named as yahoo-disclosure.txt of size 17.1MB. But according to the officials at Yahoo, many of the email and passwords are not valid only few of them are. This is another news of breach of security comes after LinkedIn accounts were hacked. The hacking was done reportedly by the group who are known as D33D Company. Rubbing salt in the wound they were quoted as saying that hacking as done using SQL Injection to get access of the unencrypted password, which is old method for these types of attacks. This clearly shows the lack of seriousness in implementing security by the Yahoo. Generally, passwords are stored using the method of hashing so that even the passwords get leaked there will not be an easy way to read it. There are 4.5 lakh users who are affected by this hacking, which is a huge number. The passwords were downloaded from all over the world with the help of BitTorrent and various downloading client software.
Passwords were hacked from Yahoo Contributor Network, which means that person who is using this service will be surely affected, but Yahoo users can guarantee that their account is safe. Yahoo only announced about the Yahoo users but those users who have different email addresses are safe or not are still not clear. For example, Gmail, hotmail, AOL and various other users will be affected as many such email ids was found in the document.
Users of Yahoo are recommended to visits their mailbox and change the passwords as quickly as possible. Yahoo is also trying to change the passwords of the affected users. It is also advised to not to visit the Yahoo Contributor Network and give strong passwords. If users are using Yahoo account for financial transactions it must be stopped now. User’s laziness can be blamed as they don’t want to use different email id and password for accessing the website and this is used by hackers. Passwords such as “1234”, “passwords”, and other superhero names are mostly used which is very dangerous and hackers used this deficiency to crack it. These passwords may be very easy to remember but are vulnerable from hacker attack. Older days passwords days are long gone and users are still not aware of it.
Many security experts also stated that hackers are becoming more advance and using various sophisticated methods. Many websites are not being able to cope up with it and fall flat on their face, which is the case with the Yahoo. Automated password cracker software is also used by hacker to tracks the usage of the users and makes it very easy to compromise on the data security. Alphanumeric passwords are the safest bet to secure the account, it may not be easy to remember but it is safer than the simple passwords used by users. Unfortunately, there are no shortcuts for securing the account the users must be proactive enough to understand the consequence of a weak password.