Yahoo gives all clear after hack attack

Company blames hack on contributor network, says compromised information was provided by writers who joined Associated Content prior to May 2010.

Yahoo Contributor Network didn't require strong passwords or hash them, so hackers, and the rest of the world, were able to see how basic many of them were.
Yahoo Contributor Network didn't require strong passwords or hash them, so hackers, and the rest of the world, were able to see how basic many of them were.

This doesn't rate up there with " Resumegate ," but when it comes to Yahoo, the fun never ends. The company finally gave the all clear this morning in the aftermath of a massive password leak that exposed more than 450,000 Yahoo log-in credentials.

The company says it has since deployed "additional security measures" and "enhanced our underlying security controls" as it goes about notifying affected users.

From Yahoo's latest missive:

Yahoo recently confirmed that an older file containing approximately 450,000 e-mail addresses and passwords was compromised. The compromised information was provided by writers who had joined Associated Content prior to May 2010, when it was acquired by Yahoo. (Associated Content is now the Yahoo Contributor Network.) This compromised file was a standalone file that was not used to grant access to Yahoo systems and services.

We have taken swift action and have now fixed this vulnerability, deployed additional security measures for affected Yahoo users, enhanced our underlying security controls, and are in the process of notifying affected users. In addition, we will continue to take significant measures to protect our users and their data.

If you joined Associated Content prior to May 2010 using your Yahoo e-mail address, please log in to your Yahoo account, where you may be prompted to answer a series of authentication questions to change and validate your credentials.

The Yahoo Contributor Network was formerly a content-farm Web site called Associated Content. Yahoo acquired that business a couple of years ago. The hackers responsible for the breach said they intended this as a wake-up call to the parties responsible for the security of the hacked site.

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

Saving your life at speed and in style

Volvo have been responsible for some of the greatest advancements in car safety. We list off the top ways they've kept you safe today, even if you don't drive one.