Yahoo Voices users are being urged to change their passwords. Yesterday morning the email addresses and passwords for Yahoo Voices’ 450,000 users were published online.
The site hosting the information is intermittently down; however, we were able to open the document and verify that it does in fact contain user emails and password data.
The list titled “Owned and Exposed” was published with the email addresses and passwords for each of Yahoo Voices’ 450,000 users was posted online by a group known as the D33Ds Company.
At the end of the document the group remarks that it posted the information to be a “Wake-up call” rather than a threat.
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,” the document says. “There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure.
“Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”
The group included a quote from Jean Vanier in its closing remarks: “Growth begins when we begin to accept our own weakness.”