Yahoo Voices Hacked, Usernames and Passwords Posted Online.

At the risk of essentially slashdotting myself or making my web host very angry at me, I have stripped out the passwords so that the only component remaining is the email addresses, in case you want to check whether you were part of the breach. (I was not! hooray!)<p>I am hosting this at: <a href="http://drostie.org/yahoo_leak.txt" rel="nofollow">http://drostie.org/yahoo_leak.txt</a> . If I receive too much traffic I may simply pastebin it.

I love how this is a story about Yahoo, reported on Mashable, then cross-posted to Yahoo News.

I think these accounts were prior to Yahoo! Acquisition of associatedcontent. There is NO WAY for a "native" yahoo property to store plain text passwords. Of course this is a yahoo fault to buy a company with such a weak security...<p>If this was a leak in yahoo, the number of users with a yahoo e-mail would be much, much higher.

This story is incorrect to boot. It was Yahoo! VOICES with an (S) not Yahoo Voice.

I can understand the joy feeling for someone to hack something, but what's the point of posting people's passwords online?

We did an analysis of the dump:<p><a href="http://blog.sucuri.net/2012/07/analysis-of-yahoo-voice-password-leak-453441-passwords-exposed.html" rel="nofollow">http://blog.sucuri.net/2012/07/analysis-of-yahoo-voice-passw...</a><p>Interesting is the lack of "yahoo" as part of the passwords... I would expect a much higher % from a yahoo leak.

A co-worker's Yahoo account started IM'ing spam links to everybody in his friend list yesterday. This might be why.

It's a bit sad that the first bit of correspondence from Yahoo was actually just a syndicated news article from another source.<p>It makes you stop and think about whether they take security and their customers seriously.

Anyone know exactly what it means to be a yahoo voice user? I use yahoo chat, and I think I've used voice chat in the past, but I don't see my username in the dump drostie posted.

Is there a simple and free service that sends me an email once my address shows up in one of the various dumps that leak to the net these days?

A quick tool for end users to check if their emails were compromised:<p><a href="http://labs.sucuri.net/?yahooleak" rel="nofollow">http://labs.sucuri.net/?yahooleak</a>

Something something nail in the coffin.

WTF - Yahoo news posting about Yahoo's username password hacked...this is seriously ridiculous.