[MR] spam

Thu Sep 27 04:11:29 PDT 2012

Well, all that aside, it's not usually a bad idea to go ahead and change
your password anyway. The article said that the passwords were retrieved
through an SQL injection, which (for the non-tech folks) is a fancy way of
saying that they put information into a form that tricked the database into
doing something it wasn't supposed to. It does not say that users clicked
on a link that exposed their passwords. Shoddy security on yahoo's part -
sanitizing your database is something very basic that they teach in the
first few web developer and database management classes.

The point being, if you have an @yahoo.com email address, you should change
your password. I've seen the same sort of thing happen with @hotmail.comand @
aol.com addresses. I myself have an @aol.com address that I'd forgotten
about (since I switched to gmail 7 years ago)  - and a friend who was one
of 5 people on that address list sent me a heads up that I was sending out
spam.

TL;DR - It's good practice to change your passwords regularly in case some
site you use (or your email provider) gets hacked.

Glynis Knibb
aka
~Baroness Glynis Gwynedd

"Have you hugged a harp today?"

On Thu, Sep 27, 2012 at 7:02 AM, . . <lizmaekate at hotmail.com> wrote:

>
> Although many yahoo accounts were hacked back in July of this year, it's
> also true that only 5% were valid email addresses.  Given the amount of
> people that appear to have been hacked (not just on this list but upon many
> other lists), that all the sites appear to be have Cyrillic script embedded
> in them( don't try this at home!), and that this is recent, I'm sure this
> is something new that just hasn't been reported yet.  I'll check on the
> hacking and IT security communities later today to see what is up.
>  However, it also may be a case of people being too trusted - since it's
> most common here on the MR- and clicking the link without verifying that it
> is, indeed, something that should be clicked on.
>
> -Lady Isabella
>
> >