Yahoo! finally admitted 450,000 email addresses and passwords from its login system leaked out to the Internet.
The breach became public after security expert Kevin Mitnick posted about it on Twitter. The thought initially was it concerned just the Yahoo! Voice service.
According to Yahoo!, an “old file” from the Yahoo! Contributor Network content sharing platform suffered a compromise and it is the source of the login data.
The company said around 5 percent of the leaked 450,000 email address and password combinations have valid passwords. Doing the math and following what Yahoo! said, it means 22,500 email address and password combinations with valid passwords leaked.
Yahoo! said it is working on fixing the vulnerability and will change the passwords of affected users as well as notify other companies whose user accounts suffered from the breach.