BANGALORE: Yahoo! has apologised for the security breach in which hackers had stolen around 400,000 account credentials from its system.
Yahoo! said, approximately 400,000 Yahoo! and other company users' names and passwords were stolen.
The company said it is fixing the vulnerability that led to the theft, changing passwords of affected users and notifying the companies whose user accounts may have been compromised.
In a statement isssued by Yahoo!, the company says: "At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 450,000 Yahoo! and other company users names and passwords was compromised yesterday, July 11.
Of these, less than 5% of the Yahoo! accounts had valid passwords. We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to all affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com."
Late Wednesday, a hacking group known as D33Ds Company posted 453,492 account credentials in plain text on a public website, claiming that it did so as a "wake-up call" rather than a threat to Yahoo.
"There have been many security holes exploited in web servers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly," said the group at the end of the post.
The theft comes in the wake of a breach reported last month by the business networking service LinkedIn , which resulted in the release of some 6.4 million member passwords.