David Pilling wrote: > Hi, > > In message <0J9oUjDrUeAQFwdt@xxxxxxxxxxxxxxxxxxx>, David Pilling > <flist@xxxxxxxxxxxxxxxxxxx> writes >> In the cases I'm talking about, the people were able to see that their >> yahoo accounts had actually been accessed - so not computer virus's > > Richard I'd better take that back, because presumably if your PC is > compromised (think worst case, a key logger) you'd give away your yahoo > password. They didn't believe they had computer virus's. The following quote was on the Usenet group news.admin.net-abuse.email, which I found illuminating. Bruce ---------------------------- > My wifes email address and password was in that file (can get the full > list from thepiratebay) but she denied ever having to do anything with > yahoo. > > Just for yucks I searched for about 50 names at random and none of them > were part of yahoo voices. > > That list is from another company, Associated Content, which was purchased > by Yahoo in 2010. The file was the email/password list from the sale. I > don't think they were ever integrated to any yahoo service. > > Worse case is with people using the same password for multiple sites, you > kind of know now. > > I'm not defending yahoo, was pretty stupid to use a non-encrypted password > field in the database server and leave it online somewhere, but it does > seem to be pretty stale data. > > And yes, the most common passwords once again were 123456 and password. > > Sometimes people deserver what they get. To unsubscribe or subscribe goto: //www.freelists.org/list/davidpilling