Yahoo Security Failed
There are posts suggesting to check whether your yahoo account is part of the 450,000 accounts that were compromised at http://www.pbs.org/newshour/rundown/2012/07/check-whether-your-yahoo-password-was-hacked.html or check the entire file at http://d33ds.co.nyud.net/archive/yahoo-disclosure.txt but I don't recommend visiting the site. Instead of spending your precious minutes checking whether yours is one of the emails that got compromised, go ahead and open your account.
If you have think or have doubts that your account is compromised, just take the necessary steps in checking the security of your email accounts. Here are some tips:
- Use passwords that are at least 8-characters, combination of uppercase and lowercase letters and numbers.
- Use different passwords for different websites.
- Do not store your passwords inside your email accounts.
- Do not use personal information in your passwords.
- Do not choose answers to security question that can be found in your biodata/resume. There's no rule that your security question must be answered truthfully. What is important is that you remember the answer you provided.
- Change your passwords often, as often as every month or every 90-days.
- Do not open attachments from unknown senders. Take extra precaution when opening attachments from contacts, their accounts might have also been compromised.
- Install reliable antivirus programs.
Unfortunately this time, it was not entirely the fault of the email users. The group of seven hackers who called themselves D33Ds attacked Yahoo's database using SQL injection. What's worst is that it was reported that the passwords were not encrypted as presumed. Rather, the passwords were in plain text that even an elementary student can read. According to the hackers, they posted the emails with the corresponding passwords on a website to inform Yahoo that it's security has failed again.