<b>week in review</b> Hack reveals users' credentials in plain text, while RIM investors look for more financial security. Also: Amazon gets its game on.
Steven MusilNight Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
ExpertiseI have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Yahoo fell victim to a security breach that yielded hundreds of thousands of login credentials stored in plain text, but it appears users also did little to protect themselves.
The hacked data, posted to the hacker site D33D Company, contained more than 453,000 login credentials and appears to have originated from the Web pioneer's network. The hackers, who said they used a union-based SQL injection technique to penetrate the Yahoo subdomain, intended the data dump to be a "wake-up call." [Update, 11:13 a.m. PT: On Friday morning, Yahoo gave the all-clear, saying "We ... have now fixed this vulnerability, deployed additional security measures," and so on.]
If there's one thing to learn from the security breach, it's that we need to be more creative with our passwords. The hackers said they hoped this would be taken as warning to the parties responsible for the security of the hacked site, but individuals should also see this as a warning to strengthen their own personal passwords. What was the most popular password on the Yahoo list? The classic 123456, of which there were 2,295 instances.
• Yahoo password breach shows we're all really lazy
• Yahoo's password leak: What you need to know (FAQ)