On Thursday, Yahoo Inc. announced that it is investigating reports of a possible security breach that could have exposed half a million emails and passwords of its users. Yahoo said that it had begun to look into ‘claims of a compromise of Yahoo! User IDs’ but the company did not say how large or small the reported breach actually could be. Caroline MacLeod-Smith, the Head of U.K. Consumer PR for Yahoo, said that she could not provide any more information about the breach ‘as we are still investigating it.’
Hackers, calling themselves D33D Company, have claimed responsibility for the attack on Yahoo. Technology news sites including Ars Technica, CNET and Mashable said the group had mentioned on its website that it has data for over 453,000 login credentials from an unidentified Yahoo subdomain.
The group, which is not well-known, said it stole the passwords by using an SQL injection. This is a name given to an attack that is used often when hackers use rogue commands to remove data from websites that are not secure.
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call,” the group said about its attack. There is a Ukraine-registered website with the D33D Company that could not be reached as of Thursday.