Last Thursday, news broke that a hacker group leaked around 450,000 account passwords stolen from Yahoo! Voices, a subsection of the Yahoo! site where users submit their own content. In this case, it appears that the passwords were stored in their original plaintext and not even hashed.
The stolen data is now publicly available for anyone to download and use to attack other cloud services.
Cyber criminals frequently attack social media sites which have large user databases and are perceived to have weaker security – a topic I discussed in length here. Web users often use the same password for multiple sites so the compromise of a password on one social network can give criminals access to higher value services elsewhere.
While this is another high profile attack where the hacker chose to publish details of their exploits, we can assume there may be just as many covert breaches where the motives of the attacker require them to keep details of their attack secret.
This latest Yahoo! breach hammers home how websites need to use strong password hashes and better still application level encryption to protect usernames, passwords and other sensitive data. At the same time, Web users must remain vigilant with their online identities and refrain from using the same password for multiple sites or risk their identities being compromised.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2012, taking place Oct. 2-5, in Austin, TX. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. For more information on registering for ITEXPO click here.
Stay in touch with everything happening at ITEXPO. Follow us on Twitter.