Yahoo acknowledged Thursday that a recent security breach led to 450,000 users’ passwords and email addresses being leaked, but the company insisted few were connected to valid accounts.
Yahoo said the passwords and email addresses were from its Yahoo Contributor Network, which is a content-sharing platform. The company said hackers were able to gain access to an “old file” that contained the user information, although only 5 percent of passwords were valid.
Tech websites identified the hackers as D33Ds Co,, which essentially was able to trick the Yahoo database into divulging private information, which D33Ds then posted, according to CNET. The tech site called it a “fairly significant security failure on Yahoo’s part.”
Yahoo said it was changing passwords associated with the network and notifying companies whose users’ accounts may have been breached.
An AP report quoted the hackers as saying, “We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call.”
Last month LinkedIn, the network for professionals, disclosed that hackers had gained access to 6.5 million user passwords.