Slashdot Mirror

← Back to Stories (view on slashdot.org)

Yahoo! Japan May Have Had 22 Million User IDs Stolen

Posted by timothy on from the they-just-walked-off-quietly-to-think dept.

hypnosec writes with report of the possible theft of up to 22 million user IDs revealed by Yahoo! Japan. That scale is massive, but, he writes, "According to Yahoo, the information that was stolen didn't have passwords or any other information that would allow unauthorized users to carry out user identity verification." A story at the Japan Times adds a bit more detail.

28 comments

  1. Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 0

    Wow. Good for them.

    1. Re:Yahoo has 22 million .jp users? by davester666 · · Score: 3, Funny

      No, they just store the credentials of all their users around the world in Japan.

      --
      Sleep your way to a whiter smile...date a dentist!
    2. Re:Yahoo has 22 million .jp users? by hcs_$reboot · · Score: 4, Informative

      Yahoo! Japan (and its fellow Softbank) is incredibly popular in Japan, and plays a top role re Internet: ISP, search, mail, cell phones (SB)...
      Question is "why?" Why Yahoo! (mail, search, ...) are still that popular? Why the Japanese didn't follow the Google trend (as much as the Western countries) during the mid 2000, where Yahoo! had (and still has) those very busy pages and (for a long time) the search was of a much lower quality compared to Google, having a lot of results being sponsored by 3rd parties displayed on top without further indications about that sponsoring.
      There is a technical answer: most PCs come with Yahoo! stuff, the search is set to Y! and nobody changes that. The thing is, compared to the West, the Japanese do not have that "pursuit of genuineness" reaction - they trust what is popular and Y! is very popular...
      Furthermore, there is no strong consumer association in Japan, and abuses (in any field) may remain undisclosed for a long time (yes, there is a connection between Y! and abuses).

      --
      Slashdot, fix the reply notifications... You won't get away with it...
    3. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 1

      Does it matter?

      There are backdoors in all these online services (the Skype one is now confirmed, btw), If you trust any personal data to them, expect it to be shared.

    4. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 4, Interesting

      Also, Google Japan is abysmal. You can set Google's language settings to "Japanese only", but you enter your search term in kanji, you inevitably end up getting back mostly Chinese hits. You have to add a hiragana character (I usually use hiragana "no") to your search term to get back Japanese hits.

      Yahoo (back when they had their own independent search engine in Japan...they later switched to Bing and now I they're sadly using Google), Bing and others do not have this same issue nearly as badly as Google.

      Plus Yahoo Japan actually has a pretty nice start page with access to dictionaries, etc.

    5. Re:Yahoo has 22 million .jp users? by ikaruga · · Score: 4, Insightful

      Also, Google Japan is abysmal. You can set Google's language settings to "Japanese only", but you enter your search term in kanji, you inevitably end up getting back mostly Chinese hits. You have to add a hiragana character (I usually use hiragana "no") to your search term to get back Japanese hits.

      I've been living in Japan since 2006 and never experienced this. Google Japan will return Japanese sites. It doesn't matter if I write in Kanji, Kana or any western Alphabet. My only complaint is when I'm looking for information in English(mostly programming stuff), I need to manually set up my Google settings to english both for language and locale, otherwise I will still get Japanese pages(and now that they decide to auto translate everything things got even worse). But for the average Japanese, I see no problem at all.

    6. Re:Yahoo has 22 million .jp users? by ikaruga · · Score: 1

      There is a technical answer: most PCs come with Yahoo! stuff, the search is set to Y! and nobody changes that. The thing is, compared to the West, the Japanese do not have that "pursuit of genuineness" reaction - they trust what is popular and Y! is very popular...

      Same in the west. Not only Google pays Mozilla and Apple to set their browsers default search engine to Google(let alone Chrome and Android influences) but they also got so integrated in society(To verb "to google" instead of "to search" being a primary example) that most people don't even bother searching for alternatives.

    7. Re:Yahoo has 22 million .jp users? by flimflammer · · Score: 1

      I have never experienced Google Japan returning Chinese sites regardless of characters I may be using, be it kanji, hiragana/katakana, or hell even english queries, and I have to frequently perform such queries...

    8. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 0

      Happens to me quite often. If it's a word with just kanji the top hits will always be some chinese garbage.

    9. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 0

      Are you searching at google.co.jp or at google.com? Just tried it, and while .com gave me mostly chinese, at .co.jp it's all japanese.

    10. Re: Yahoo has 22 million .jp users? by Brobock · · Score: 1

      Have you tried google.com/ncr ?
      This will do a no country redirect and you will get google proper no matter where you are.

    11. Re:Yahoo has 22 million .jp users? by TrollstonButterbeans · · Score: 2

      most people don't even bother searching for alternatives.

      Yahoo and Bing offer search results as impressive as Lycos, Hotbot and Altavista in the 1990s. In fact, as far as I can tell, Yahoo offers the same search results they did in the 1990s.

      Bing could do a $100 million advertising campaign and it wouldn't help unless they take an interest in continually refining and improving their search results. No one "gave" the search engine market to Google, they slowly earned it.

      --
      Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
    12. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 0

      You're probably using google.com and entering kanji. Try google.co.jp and enter kanji - it doesn't return Chinese results.

    13. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 1

      I have stayed both inside and outside Japan in the last few years.

      My experience is that, the search results seem to depend on both your locale settings and your IP.

      Can Google confirm this?

    14. Re:Yahoo has 22 million .jp users? by Anonymous Coward · · Score: 0

      Why the Japanese didn't follow the Google trend (as much as the Western countries) during the mid 2000, where Yahoo! had (and still has [yahoo.co.jp]) those very busy pages and (for a long time) the search was of a much lower quality compared to Google, having a lot of results being sponsored by 3rd parties displayed on top without further indications about that sponsoring.

      Part of it is also the ass-pain of entering Japanese characters. All the extra crap in Yahoo makes it a far more clickable site, whereas Google is absolutely dependent on text entry.

    15. Re:Yahoo has 22 million .jp users? by coalrestall · · Score: 1

      I have Google set up to return English and Japanese results, and never had this specific problem, but two I do consistently get:

      1) I search for something using English keywords, and the Japanese Wikipedia entry comes up (English entry nowhere in sight). That's probably Wikipedia's fault somehow. That, and

      2) Whenever I search for anything that resembles a person's name (kanji) the first twenty odd results are name-based fortune telling sites.

  2. Yahoo and other companies by nauseous · · Score: 0

    Obviously the educated security experts understand the definitions of security principles and how to avoid prison but that's about it. It's experiences and skills that a large corporation needs. Also if you think that experts are that great then hire the BS'ers and not the real professionals.

  3. Punctuation trap by Anonymous Coward · · Score: 1

    Is there anybody else that read at first the title as if "Yahoo!" and "Japan" were actually in separate sentences?

    Being so glad about stolen user IDs seemed *really* weird.

  4. And? by dshk · · Score: 3, Insightful

    So 20 million Yahoo user names are revealed. Why is that interesting at all? I guess if I write a script which loops some id for a yahoo info page I get a similar list. Maybe a Google search is enough. Or do not contact external service, just guess: take all Japanese names, append one or two digits to it. Mostly these are valid names.

    1. Re:And? by Threni · · Score: 4, Funny

      > So 20 million Yahoo user names are revealed. Why is that interesting at all?

      This is almost as bad as the pin number leak the other week:

      http://pastebin.com/2qbRKh3R

      I've already changed my pin because of this; I guess a lot of Yahoo users will be changing their user names now.

    2. Re:And? by TrollstonButterbeans · · Score: 2

      AT&T did a massive privacy violation and published a list of residential phone numbers complete with address.

      --
      Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
  5. Retitle "The UNtruth" by ron-l-j · · Score: 1

    "According to Yahoo, the information that was stolen didn't have passwords or any other information that would allow unauthorized users to carry out user identity verification." So yahoo is forced to disclose a data breach by law. But they add to it the nothing important was taken. I would like you to think for your self for a minute. Does a burglar go around robbing homeless peoples shopping carts? People go after what has value, and they stole something. This story should read Yahoo Japan tries desperately to cover their data breach but has to admit to loosing user ID's.

  6. The smell of bullshit. by bmo · · Score: 1

    "According to Yahoo, the information that was stolen didn't have passwords or any other information that would allow unauthorized users to carry out user identity verification."

    There is so much bullshit here that you could grow world-class pumpkins that you need a crane to lift on to the flatbed truck (being careful, because it can crack under its own weight, *and then your fscked.).

    Yahoo has been terrible at keeping control of this stuff, like the *other* massive leak they had just a year ago.

    I used to be a fan of Y! but they started screwing the pooch severely 'round about 2005/6 when they suddenly decided to jump into this "social media" thing (and do it wrong), and it's gone downhill ever since, and the board wonders why Google continues to eat their lunch, breakfast, and dinner. Today, I no longer participate in any of their services at all, and my mail over there is a spamtrap, mostly.

    They lost control of customer data, again? Color me unsuprised.

    --
    BMO

  7. not nice by Wormsign · · Score: 1

    "Yahoo! Japan May Have Had 22 Million User IDs Stolen" Why are you cheering for crime? ;)

  8. Yaay another Marissa Mayer story for CNN by gelfling · · Score: 0

    Lean in, then fall in, on your ass.

  9. darn by slashmydots · · Score: 1

    Boy, they should really leave Yahoo and hop on Tumblr instead. Oh wait...

  10. Well... by Anonymous Coward · · Score: 0

    Maybe Yahoo! shouldn't have been so busy checking on their Tumblr and noticed the world around them...