The Internet is one big massive information tool, we can find anything we want by clicking a mouse and hitting a few keys on the keyboard. Some information - passwords, addresses, etc.- we would like to keep secret from other users. We trust websites to keep this information safe and 99% of the time, our information is safe, however, there’s a chance your info could be breached. This has recently happened to two major websites.
The two breaches happened to Yahoo and Phandroid.
The Phandroid leak Phandroid is a large Android centric website, widely considered by many to be the main source for Android related news. It was announced on July 13 that over 1 million user IDs had been hacked. Information leaked included email addresses, passwords and other information.
Representatives from Phandroid noted that passwords leaked were hashed - protected with a harder to break code - and thought that the purpose of the attack was to get email addresses for future spam campaigns. If you have an account on Phandroid, you can check and see if your account was part of the attack at Should I change my password?
Did you Yahoo? Yahoo announced on the 12th that slightly more than 450,000 accounts had been compromised, and the information placed on websites available for anyone to download. Yahoo hasn’t officially announced what service’s accounts were leaked, but, other websites have announced the accounts belonged to Yahoo Voice.
The attack was orchestrated by a hacker collective called D33Ds Company, who released the list in plain text format - it can be read by anyone - on a number of websites. D33Ds Company did withhold more sensitive data, and it seems the attack was meant to serve as a wakeup call to Yahoo. At the end of the document they left a message, ”We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat.”
If you have a Yahoo account and are worried that your account may have been one of the ones leaked, dazzlepod.com has a the whole list online, minus passwords. If you’re one of the unlucky ones, be sure to change your password post haste.
The recent LinkedIn account leak and these two leaks have made for a rough last month in the security industry. We strongly recommend that you take steps to change your passwords on a regular basis to minimize the chance of your data and information being stolen. If you have any questions about these incidents, or are worried about your company’s security, please contact us.