22 million user IDs may be in the hands of hackers, after Yahoo Japan security breach

Filed Under: Data loss, Featured, Privacy

Yahoo JapanThe call has gone out to Yahoo Japan's 200 million users to change their passwords, after the company warned that it suspected hackers had managed to access a file containing 22 million user IDs.

Yahoo Japan says that it detected an attempt to gain unauthorised access to its administrative systems on Thursday at approximately 9pm local time.

Although the information taken from Yahoo Japan's servers is said not to contain passwords, or other personal identifying information required to hijack an account (such as the answers to secret questions), the site has decided that users should reset their passwords regardless.

In a press statement published on Yahoo Japan's website, the number one search engine in Japan stressed that it had not confirmed that the data had definitely leaked to the outside world, but that it deeply apologised for any inconvenience caused.

Yahoo Japan statement

Fingers crossed, only user IDs were exposed during the security breach and nothing more serious. But even user IDs should be private, and kept out of the hands of cybercriminals.

Potentially, online criminals now have a database of 22 million Yahoo Japan email addresses - and there are surely slimebags out there who would get a real kick out of spewing out a spam campaign, sending a phishing attack to Yahoo users, posing as a legitimate email from the company, or launching a targeted malware attack.

Hopefully Yahoo Japan will be investigating how the security breach occurred, and putting strong defences in place to prevent it - or anything worse - happening in future.

, ,

You might like

2 Responses to 22 million user IDs may be in the hands of hackers, after Yahoo Japan security breach

  1. Alan · 467 days ago

    It would have been reassuring if the "call", had been pro-actively pushed out to users. I am a yahoo.co.jp user and had it not been for your post I would probably not have found out yet. There has been no mail to users, no announcement on the web mail page and nothing prominent on the http://www.yahoo.co.jp home page, just a small link down at the bottom of that page.

    This is the second announcement of unauthorised access to the site in just over a month.

  2. Nigel · 466 days ago

    How is this "unauthorised access" happening?

    However it's happening, that's pretty scary stuff. I expected better from Yahoo. I guess I was wrong.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.