According to a new eWEEK report, citing information shared by Yahoo officials, a group of hackers called "D33Ds Company" stole more than 400,000 passwords from Yahoo Voices - the service which was originally called Associated Content, and is part of Yahoo's news service.
While confirming the breach of Yahoo Voices' user credentials by the hackers, the Yahoo officials also added that valid passwords had been listed by even less than 5 percent of the Yahoo accounts; thereby implying that the day-to-day passwords of the users had apparently not been compromised.
The hack of the Yahoo Voices users' passwords was carried out by "D33Ds Company" hackers, with their online post of a text file that comprised users' details, which they said had been swiped using union-based SQL injection. However, the hackers stopped short of publishing details of how they were able to penetrate Yahoo's servers.
Revealing that the vulnerability which led to the Yahoo Voices' passwords hack was being fixed by Yahoo, a company spokesperson said that the passwords of the affected users were being changed, and a notification was being sent to companies which had had their accounts comprised in the data breach.
Extending an apology to the affected users, the spokesperson also said: "We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security. yahoo. com."