FICPAYou Are Here:
Quick CPE Search
How to Check If Your Email Password Was One of 453,000 Leaked This Morning
The passwords to 432,000 email accounts were leaked earlier today. They were leaked from an older Yahoo file associated with the Yahoo! Contributor Network. Yahoo claims that only about 5 percent of the accounts had valid (current) passwords, but here's how to check if your ancient account is one of them.
Security company Sucuri has put together a tool to check if your email is included in the 400,000+. It also notes that you might want to check even if your account isn't at Yahoo:
[Sucuri] notes that 135,599 emails came from yahoo.com; but that a further 106,185 came from gmail.com; 54,393 from hotmail.com; 24,677 from aol.com; 8,422 from comcast.net and 6,282 msn.com.
Here's Yahoo's statement on the hack:
At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday,July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.
All told, it's unlikely you've got anything to worry about, but it's better safe than hacked into oblivion.
This Tech Tip is brought to you by the Business and Technology Section ... IT solutions for today's CPAs. For more information and to view an archive of previous Tech Tips, please visit us here.
Do you have specific topics you would like to see covered in Tech Tips? Email any suggestions to email@example.com.