There is a proverb "A small leak can sink a ship" now the situation of Yahoo ! could be seen as such .
A few days back Jul11th there has been an attack on one of the Yahoo! servers. The hackers have got user names and passwords of around 400000 accounts which includes Yahoo ! and some other company accounts also. The thing which should me mentioned here is that all these user names and passwords are in plain text ... OOOPSSS..... A Big mistake one can not imagine now a days ... unencrypted user names and passwords .. that too on a server !!! And it seems that the hackers used SQL injection to attack the site... unencrypted user names and passwords have been pulled out from a database which stored them in plain text without any added security or hashing techniques... So sad and Baddd...
At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.
My view is that its already late for a giant like Yahoo! But nevertheless it could be a wake up call for those corporate giants not to look over basic things !!!
Hope that our cyber world would be as stronger as it could be in forthcoming years if not days :)
No comments:
Post a Comment