We have reports that an unidentified Yahoo service, although rumoured to be Yahoo Voice, has had over 450,000 account details leaked because they were stored in plain text format and a SQL injection was able to retrieve them.
Over 2,700 tables of database files have been exploited from the leak, according to the hackers.
The hackers left a message for Yahoo:
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,”
The biggest issue is that many users use the same password on many different sites, such as Social Networks, so once a password is obtained for one account matching an email address, the credentials can be attempted at a log in on other sites that may use the same email.
It is recommended that if you use your Yahoo password for other services, that you log in and change that password immediately.
Yahoo Voices, the apparent hit, is also known as Associated Content.
Limited information is available regarding this story right now, but once we receive more information we will be updating this article, so stay tuned.