The passwords to 432,000 email accounts were leaked earlier today. They were leaked from an older Yahoo file associated with the Yahoo! Contributor Network. Yahoo claims that only about 5 percent of the accounts had valid (current) passwords, but here's how to check if your ancient account is one of them.


Security company Sucuri has put together a tool to check if your email is included in the 400,000+. It also notes that you might want to check even if your account isn't at Yahoo:

[Sucuri] notes that 135,599 emails came from yahoo.com; but that a further 106,185 came from gmail.com; 54,393 from hotmail.com; 24,677 from aol.com; 8,422 from comcast.net and 6,282 msn.com.


Here's Yahoo's statement on the hack:

At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday,July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.

All told, it's unlikely you've got anything to worry about, but it's better safe than hacked into oblivion. [TechCrunch]