Yahoo confirms security breach on Yahoo! Voice, assures that a fix is underway

Earlier today, we wrote to you about the exposed credentials that reportedly belonged to Yahoo’s Yahoo! Voice service. But in as so far the report is concerned; it was never really confirmed by Yahoo. But we now have an interesting update to the story. Yahoo has just confirmed that the data breached did came from its servers. The search engine giant also confirmed that the exposed credentials came from an old file on Yahoo! Voice, then-called Associated Content, and that its security team is now working on a fix.

In a written note sent to TechCrunch, Yahoo wrote:

At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday,July 11.  Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised.  We apologize to affected users.  We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.

Gene Ryan Briones
Categories: Web
Tags: Yahoo