{"id":1977,"date":"2012-07-16T00:00:00","date_gmt":"2012-07-16T00:00:00","guid":{"rendered":"http:\/\/otava.test\/yahoo-data-breach-affects-450000\/"},"modified":"2012-07-16T00:00:00","modified_gmt":"2012-07-16T00:00:00","slug":"yahoo-data-breach-affects-450000","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/","title":{"rendered":"Yahoo Data Breach Affects 450,000"},"content":{"rendered":"

Big names are getting hacked big time – from Linkedin to Global Payments, Inc. (one of the largest credit card processor companies). Just a few days ago, Yahoo joined the ranks. Via Yahoo\u2019s Customer Care Twitter, I found a statement that confirmed \u201can older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo! and other company users names and passwords were compromised yesterday, July 11.\u201d<\/p>\n

A hacker group by the name of the D33Ds Company has published a list of the information they stole, which includes email addresses from Gmail.com, Hotmail.com, AOL.com and Yahoo.com. They hacked into the database via SQL injection, exploiting a software vulnerability.<\/p>\n

What\u2019s worse, or at least way more sad, is that an analysis of the passwords found that people are really quite terrible when it comes to password innovation. \u201c123456\u201d was used by almost 2,000 people, with \u201cpassword\u201d coming in second for over 2,000 users. It almost defies the very act of the malicious web server attack to have such easily guessable passwords in place, but I suppose those hackers were out to prove a specific point.<\/p>\n

Anyway, here\u2019s your lesson – use web application firewalls<\/a> (WAF) to significantly increase your database security. Imperva has a great, easy-to-understand video<\/a> that explains what it does, how it does it, and why it\u2019s more useful than other tools, or at least why it works differently to detect and block SQL injections.<\/p>\n

While anyone concerned with security should have this tool in place, it\u2019s important to note it\u2019s actually required in order to meet PCI DSS compliance standards<\/a> (Payment Card Industry Data Security Standards that apply to credit cardholder environments in order to protect sensitive account information from hackers and misuse). Of the 12 requirements, it is requirement 6.6 that mandates using WAF as a method to address new threats and vulnerabilities on an ongoing basis by placing it in front of public-facing web apps to detect and prevent attacks. The other method they suggest is manual or automated annual code review.<\/p>\n

Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers and malicious attacks against your web applications or databases. Find out more about PCI compliant hosting<\/a> by reading our PCI compliant white paper<\/a>.<\/p>\n

References:
\nYahoo Twitlonger<\/a>
\nHackers Publish Over 450,000 Emails and Passwords Stolen from Yahoo<\/a>
\nYahoo Breach Extends Beyond Yahoo to Gmail, Hotmail, AOL Users<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Big names are getting hacked big time – from Linkedin to Global Payments, Inc. (one of the largest credit card processor companies). Just a few days ago, Yahoo joined the ranks. Via Yahoo\u2019s Customer Care Twitter, I found a statement that confirmed \u201can older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo! and other company users names and passwords were compromised yesterday, July 11.\u201d A hacker group by the name of the D33Ds Company has published a list of the information they stole, which includes email addresses from Gmail.com, Hotmail.com, AOL.com and Yahoo.com. They hacked into the database via SQL injection, exploiting a software vulnerability. What\u2019s worse, or at least way more sad, is that an analysis of the passwords found that people are really quite terrible when it comes to password innovation. \u201c123456\u201d was used by almost 2,000 people, with \u201cpassword\u201d coming in second for over 2,000 users. It almost defies the very act of the malicious web server attack to have such easily guessable passwords in place, but I suppose those hackers were out to prove a specific point. Anyway, here\u2019s your lesson – use web application firewalls (WAF) to significantly increase your database…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-1977","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\nYahoo Data Breach Affects 450,000 | OTAVA<\/title>\n<meta name=\"description\" content=\"Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Yahoo Data Breach Affects 450,000\" \/>\n<meta property=\"og:description\" content=\"Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2012-07-16T00:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"Yahoo Data Breach Affects 450,000\",\"datePublished\":\"2012-07-16T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\"},\"wordCount\":411,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\",\"url\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\",\"name\":\"Yahoo Data Breach Affects 450,000 | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2012-07-16T00:00:00+00:00\",\"description\":\"Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Yahoo Data Breach Affects 450,000\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Yahoo Data Breach Affects 450,000 | OTAVA","description":"Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/","og_locale":"en_US","og_type":"article","og_title":"Yahoo Data Breach Affects 450,000","og_description":"Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers.","og_url":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/","og_site_name":"OTAVA","article_published_time":"2012-07-16T00:00:00+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"Yahoo Data Breach Affects 450,000","datePublished":"2012-07-16T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/"},"wordCount":411,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/","url":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/","name":"Yahoo Data Breach Affects 450,000 | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2012-07-16T00:00:00+00:00","description":"Although the Yahoo incident was not a PCI-related breach, the technology used to achieve PCI compliance offers extra protection against hackers.","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/yahoo-data-breach-affects-450000\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"Yahoo Data Breach Affects 450,000"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1977","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=1977"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1977\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=1977"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=1977"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=1977"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=1977"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}