Have you ever written an article for Yahoo! Voices (formally Associated Content)? If so, your username and password was recently leaked by a group of hackers known as “D33DS Company”. Over 453,000 accounts were obtained and leaked in plaintext. The hackers were likely to have obtained the list of logins by using a MySQL injection attack.
D33DS Company left this note at the end of the login dump:
We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.
If you would like to check whether your account was leaked, Dazzlepod has set up a searchable list of all usernames hacked. Keep in mind that this list does not include passwords, so you’ll have to look elsewhere for that.
Source: Ars Technica via Geek O’ System via Techmeme
Image Credit: craigles75
