Yahoo is looking into a claim by a group of hackers that say they stole nearly half a million Yahoo email addresses and passwords. The hacker group reportedly posted information from the security breach to its website, however, Yahoo has not confirmed that the attack actually took place.
Yahoo Email Accounts Hacked
The hacker group D33D Company is making headlines on Thursday morning after announcing that it attacked over 453,000 log-in credentials, including Yahoo email addresses and passwords.
D33D Company, which was previously an unknown group, is reportedly associated with a Ukraine-registered website. The group has posted online the details of hundreds of thousands of unencrypted user accounts, claiming that they came from an unidentified subdomain of Yahoo’s website.
While no specific Yahoo server has been confirmed as a part of the alleged attack, some say the affected accounts belong to a voice-over-internet-protocol (VOIP) service called Yahoo Voices, which operates with Yahoo’s instant messenger service.
Security Breach to Serve as Wake-Up Call
A number of reports have revealed that the hacker group claimed the security breach was not meant to pose a real threat of identity theft to Yahoo or its customers. Instead, the breach acts as flag to the company about how lax its security protections are.
Yahoo’s data breach is one of several occurring identity theft threats among websites in recent months. In June, LinkedIn reported that over 6.5 million member passwords were compromised on its website due to a security breach, while card processor Global Payments Inc. reported in April that 1.5 million accounts were compromised by hackers.
A security breach can be devastating for victims as thieves can use hacked accounts for phishing purposes, or steal personal information and passwords to victims’ financial accounts.
Yahoo issued a statement that it was looking into “claims of a compromise of Yahoo! user IDs,” but didn’t give any additional details of how it could have occurred.