Hackers post over 400,000 Yahoo! Voice passwords online

It appears that Yahoo!’s voice over IP network has been compromised, with claims that the username and passwords were stored completely unencrypted

Over 400,000 Yahoo! Voice username and passwords have been posted online by hackers claiming to have compromised the voice over IP (VoIP) network.

A plain text data dump has been posted on the internet with passwords pertaining to a wide variety of email addresses, including those from yahoo.com, gmail.com and aol.com.

Yahoo! Voice was set up after Yahoo! bought Associated Content for more than £64 million in early 2010.

Security firm Trustedsec has looked into the breach and claims that Yahoo! was storing the data without it being encrypted.

In a blog post, Trustedsec said: "The most alarming part of the entire story was the fact that the passwords were stored completely unencrypted and the full 400,000+ usernames and passwords are now public."

"The method for the compromise was apparently a SQL Injection attack to extract the sensitive information from the database."

Computerworld UK contacted Yahoo! for comment but was told that it was still investigating the claims.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Derek du Preez

Latest Videos

More videos

Blog Posts