Back to Radar
YA
Yahoo
MediumYahoo's Voices service compromised via SQL injection in 2012, exposing 453k plain-text credentials.
- Records exposed
- 453,427 records
- Breach date
- Breach Jul 11, 2012
- Last update
- Updated Dec 4, 2013
What data was exposed?
Fields reported as compromised in this breach record.
Email addressesPasswords
Why does this breach matter?
In-depth analysis of the breach and its implications.
In July 2012, Yahoo experienced a security breach affecting its Voices online publishing service, where attackers exploited a SQL injection vulnerability to expose approximately 453,427 user account credentials stored in plain text. This incident revealed inadequate storage practices and demonstrated widespread password reuse among affected users.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Affected users had their email address and password combinations exposed, increasing the risk of credential stuffing attacks.
- Business Impact
- Yahoo faced reputational damage and increased scrutiny regarding their security practices, especially pertaining to password storage methodologies.
- Affected Sectors
- Technology
- Media
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Immediately change passwords of accounts using the same credentials as those on Yahoo Voices.
- •Enable two-factor authentication (2FA) where available.
- •Monitor accounts for unauthorized activity and evaluate for potential identity theft.
Preventive Measures
- •Always adhere to secure password storage practices such as hashing and salting.
- •Conduct regular security audits on code to spot vulnerabilities such as SQL injection.
- •Educate users on the risks of password reuse across services.
Frequently Asked Questions
Common questions about this breach and what it means for you.
Email addresses and passwords of approximately 453,427 users were disclosed.