Loading AI tools
In July 2012, Yahoo Voice, a user-generated content platform owned by Yahoo, suffered a major data breach. On July 11, 2012, a hacking group calling itself "D33DS Company" posted a file online containing approximately 450,000 login credentials and passwords from Yahoo Voice users. The data was obtained through a SQL injection attack that exploited vulnerabilities in Yahoo's database servers.[1][2][3][4]
| Date | July 11, 2012 |
|---|---|
| Location | Yahoo! servers |
| Also known as | Yahoo Voice hack |
| Cause | SQL injection attack |
| First reporter | TrustedSec |
| Outcome | 450,000 usernames and passwords leaked |
| Suspects | D33Ds Company (hacking group) |
| Website | Yahoo! Voices |
| Passwords were stored unencrypted | |
The Yahoo Voices breach occurred on July 12, 2012, when a hacking group calling themselves "D33DS Company" used a union-based SQL injection attack to gain unauthorized access to Yahoo's servers.[5] The attackers were able to extract and publish unencrypted account details, including emails and passwords, for approximately 450,000 user accounts belonging to the Yahoo Voices service.[6]
The compromised passwords were stored in plaintext, without any encryption or hashing protection.[6] This security oversight allowed the attackers to immediately access and publish the raw passwords without needing to crack them, significantly increasing the potential for immediate misuse of the stolen credentials.[5]
D33DS Company announced the leak via a Twitter post, which has since been removed.[6] The hackers also prefaced their password dump with a statement detailing their use of a union-based SQL injection attack to obtain the data.[6] The full dump file containing the compromised user information was made available for download via BitTorrent, allowing for widespread distribution and potential misuse of the stolen credentials.[6]
The breach compromised approximately 450,000 user accounts and the leaked data including usernames and passwords in plaintext. The attack specifically targeted Yahoo Voice, formerly known as Associated Content, which Yahoo had acquired in May 2010 for $100 million (£64.5 million). Using SQL injection techniques, the hackers were able to extract the data from Yahoo's servers and subsequently post the compromised information publicly online.[1][2][3][4]
Yahoo confirmed the breach, stating that "an older file from Yahoo Contributor Network... containing approximately 450,000 Yahoo and other company users' names and passwords was compromised." The company also noted that less than 5% of the Yahoo accounts had valid passwords.[3] According to US security firm Trustedsec, the compromised passwords were associated with a variety of email addresses including those from yahoo.com, gmail.com, and aol.com.[3][4]
The last entries in the data dump appeared to be linked to IDs created in 2006, suggesting that the compromised database might have been an older one no longer in active use.[4] At the time of the breach, Yahoo claimed to have more than 600,000 contributors to its Voice platform.[4]
Security experts suggested that the most alarming aspect of the attack was that the passwords for the accounts were stored unencrypted. This meant that any hacker could potentially use the stolen email addresses and passwords to access other services, including Yahoo Mail, putting far more accounts at risk than just those directly affected by the Voice breach.[4]
In a statement accompanying the data dump, the hackers said: "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat." They also noted that other security holes had led to previous disclosures and urged Yahoo not to take the vulnerabilities lightly.[1] The breach highlighted significant security flaws in Yahoo's systems, particularly the storage of passwords in plaintext rather than using encryption. This incident came shortly after other major data breaches at companies like LinkedIn, as well as similar attacks on Android Forums and Formspring, raising broader concerns about online security practices at the time.[1][4]
In response to the breach, Yahoo stated they were "taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo users and notifying the companies whose users accounts may have been compromised."[3] The company faced criticism for its security practices and failure to adequately protect user data. This breach was one of several major security incidents Yahoo would face in the coming years, culminating in the disclosure of even larger breaches affecting billions of accounts in 2016.[2]
Yahoo! said in a written statement that it takes security very seriously and is working together to fix the vulnerability in its site. Yahoo! said that it was in the process of changing the passwords of the hacked accounts and notifying other companies of the hack.[7] [8]
There was no site-wide notifications about the hack, nor did any victim get any type of personal messages detailing how to reset their account passwords from Yahoo.[9] Joseph Bonneau, a security researcher and a former product analysis manager at Yahoo, said "Yahoo can fairly be criticized in this case for not integrating the Associated Content accounts more quickly into the general Yahoo login system, for which I can tell you that password protection is much stronger."[7]
Wikiwand in your browser!
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.
