[nsp-sec] Yahoo / Hotmail accounts
Jon Lewis
jlewis at lewis.org
Tue Sep 27 18:28:09 EDT 2011
I posted about this yesterday on another private list where I thought each
of these orgs had representation. There's been no reply, so I'll try
again here:
While analyzing the disk from a cloud server terminated for AUP
violations, I found files containing 10s of thousands of apparently valid
yahoo and msn/hotmail username/passwd pairs. I tested a few of each just
to see if they were valid.
If someone contacted me saying they had a list of accounts and passwords
for my users/systems, I'd want the list, and I'd lock all the accounts
ASAP.
Perhaps I'm foolish for thinking Yahoo or Hotmail would do the same?
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the nsp-security
mailing list