Hackers post over 400,000 Yahoo! Voice passwords online

It appears that Yahoo!’s voice over IP network has been compromised, with claims that the username and passwords were stored completely unencrypted

Over 400,000 Yahoo! Voice username and passwords have been posted online by hackers claiming to have compromised the voice over IP (VoIP) network.

A plain text data dump has been posted on the internet with passwords pertaining to a wide variety of email addresses, including those from yahoo.com, gmail.com and aol.com.

Yahoo! Voice was set up after Yahoo! bought Associated Content for more than £64 million in early 2010.

Security firm Trustedsec has looked into the breach and claims that Yahoo! was storing the data without it being encrypted.

In a blog post, Trustedsec said: "The most alarming part of the entire story was the fact that the passwords were stored completely unencrypted and the full 400,000+ usernames and passwords are now public."

"The method for the compromise was apparently a SQL Injection attack to extract the sensitive information from the database."

Computerworld UK contacted Yahoo! for comment but was told that it was still investigating the claims.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Derek du Preez

Latest Videos

More videos

Blog Posts