Yahoo password leak now goes to Gmail, Hotmail

More than 400,000 Yahoousernames and passwords were stolen and published on the Web, putting other websites at risk as well, after hackers exploited a vulnerability in Yahoo’s computer systems.

Some logins for Google, AOL and Microsoft’s services were among those compromised. The three companies said they required affected users to reset passwords for sites includingGmail, AOL, Hotmail, MSN and Live.com.

Yahoo issued a statement apologizing for the breach, the latest setback for a company that has lost two chief executives in a year and is struggling to revive stalled revenue growth.

Chairman Alfred Amoroso acknowledged that Yahoo had experienced a “tumultuous” year at its annual shareholder meeting on Thursday morning. Interim CEO Ross Levinsohn told attendees he was optimistic about the company’s progress.

The breach prompted criticism from security experts who said that a major Internet firm like Yahoo should do a better job at protecting user data.

“This points to some very lax security practices,” said Rob D’Ovidio, associate professor of criminal justice at Drexel University.

As an example, he noted that the hackers were able to produce more than 400,000 cleartext passwords within a day. That indicates that Yahoo either did not encrypt them at all or used an encryption method that was easy to crack, he said.

Posted on Jul 13 2012. Filed under Social Media. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry