Yahoo Inc. says it's investigating what could be a massive data breach of more than 453,000 Yahoo user login credentials after claims by a hacker group calling itself D33D Company that they had broken into a Yahoo server, stolen them and dumped them.
IN THE NEWS: Feds slash $2.7 million online loan-fraud scheme
The Associated Press early today reported Yahoo's head of United Kingdom consumer press relations Caroline MacLeod-Smith as saying the company is looking into "claims" of a compromise of Yahoo user IDs but would not say more about the possibility of the massive data breach. The group D33D Company is claiming to have stolen them by means of a SQL injection attack, a common type of assault against vulnerable Web servers.
The alleged Yahoo passwords today were being spread about the Internet by others, with some analyzing them for content. The group claiming responsibility for the attack on Yahoo is quoted as saying they hope it will be a "wake-up call" for better security.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.