fbpx

DIY Photography

Hacking Photography - one Picture at a time

Search

Submit A Story

Yahoo hacked, 500 million passwords stolen, change your Flickr password

by 7 Comments

flickr-hacked

If you own a Flickr account you should probably change your password the minute you read this post. Yahoo says that the data breach occurred in late 2014 and “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers“.

This does not mean that your Flickr password was necessarily stolen (and if it was, it is not that easy to un-hash hashed passwords), but you should probably change your password just to be safe. Especially if this user/password combo is used for more than Flickr.

You can read more about this breach on Yahoo’s FAQ.

[via cnn]

P.S. in case you are looking for an alternative, here are some self hosted options for you.

Related posts:

Hacker Uses Photographs To Hack German Defense Minister’s Fingerprints. Brings Attention To Security Failures Was Sony’s Site Hacked? Listed DSLR Cameras and Lenses Up To 90% Off Flickr’s future uncertain as Verizon seem set to buy Yahoo for $5 billion It’s official: Verizon now owns Yahoo and Flickr

About Udi Tirosh

Udi Tirosh is the Founder and Editor in Chief of DIYPhotography, he is also a photographer, a relentless entrepreneur, a prolific inventor and a dad, not necessarily in that order

  • Chris c

    People don’t actually put real info into a free service

    • Your statement is terribly simplistic, incredibly naive, and just plain wrong. It doesn’t matter if people “put real info into a free service” or not, it’s beside the point.

      The point is that the data that was stolen can easily lead to financial loss (for individuals or companies) or identify theft. If the hackers manage to un-hash the passwords then it could compromise other accounts hosted elsewhere since people seem to like re-using the same simple password everywhere. One hacked service can easily lead to another service getting hacked. Hacked accounts could also be used to send out spam, to launch attacks, i.e. DoS or DDoS attacks against targets, or for any other number of nefarious purposes.

      The worrying thing is that the hack occurred two years ago and it’s only being reported now.

      It’s kinda funny I listed security and hosted services getting hacked as one reason why I have decided to ditch using Flickr (read about it here: http://kulture.com.au/blog/so-long-and-thanks-for-all-the-photos/). This just proves me right and I have just asked yahoo to delete all of my accounts that I have with them, even the main account I use for Flickr.

  • It was hacked in 2014

    • Yep… A bit late to change your password I’d say… :-(

  • hahaha again xD

  • Lol yahoo. Lol.

  • Kriztoper

    wait….they’ve been hack back in 2014 and they’re just letting us know NOW?

Recent Posts