Check Your Passwords: Yahoo Warning

I want to share a warning that Yahoo sent to some account holders, and it’s worth noting because it’s a serious issue. Apparently someone was able to obtain email address information and matching passwords for Associated Content, and this could pose an issue for some people who use the same password (or password naming convention) on multiple websites.

Here’s what Yahoo emailed to account holders who were impacted:

“You may have read in press reports that Yahoo! recently confirmed an older file containing approximately 450,000 email addresses and passwords—provided by writers who had joined Associated Content prior to May 2010—was publicly posted on the Internet. This file was a standalone file that was not used to grant access to Yahoo! systems and services. This message is being sent to an email address in this compromised file.

We are taking important steps to address this issue and have now fixed the vulnerability that led to the disclosure of the data and enhanced our underlying security controls. As a non-Yahoo! account holder, we apologize that we cannot provide you a direct means to secure your account. We strongly recommend that you employ the security mechanisms recommended by your email service provider to secure your account.

Additionally, given the high frequency of consumers using the same login information on services across the Internet, we strongly advise users to:

– Change their passwords for any account they hold every few months,
– Use a different password for each service or website, and
– Create passwords using a mixture of characters, symbols, and numbers.

We also suggest that you proactively monitor the activity on any account you have created online. Specifically, be on the lookout for spam originating from your email, and check your sign-in activity from time to time. If you see anything suspicious—like your account was accessed in Romania when you were home in Chicago—you should change your password immediately.

We take security very seriously at Yahoo! and invest heavily in protective measures to ensure the security of our users and their data across all our products. In addition, we will continue to take significant measures to protect our users and their data.

We sincerely apologize for this matter.
Yahoo! Inc.

Associated Content (now Yahoo Voices) is a website for writers to publish articles. Domain investors may be impacted because Associated Content was used by some publishers to add links to their websites (for SEO and traffic). If you have/had an Associated Content account you should make sure you aren’t impacted.

I recommend having different logins and passwords for registrars, parking companies, email…etc.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. I came “home” Thursday evening and could not access my email account. I thought it had been hacked as I have received dozens of emails purporting to be AT&T or Yahoo or Paypal etc over the last year or so stating they needed my signin and password for some reason or another. Anyway, my email is back but that was a scare given all the historical data in that email account. I went ahead and changed the passwords on a couple of other accounts.

  2. Why did this list even exist in the first place. Companys should follow the golden rule with passwords. Treat people’s passwords how they would want their passwords to be treated. That being said, passwords should always be stored encrypted. If they are stored encrypted then nobody will be able to know what it is. It will not even be able to be retrieved, only reset. Any place that supports password retrieval is not encrypting your password, at least not appropriately.


Please enter your comment!
Please enter your name here

Recent Posts

Rationale Behind Acquisition

It's not often that we hear from the founders of a company to discuss why they spent what they did to acquire a specific...

.Bet Domain Name Acquired for 5 Figures, Reportedly Resold for $600k

According to a tweet from Identity Digital (formerly Donuts), the domain name reportedly sold for $600,000. I have not verified or researched the...

Finalize a Deal by Connecting on LinkedIn

When I agree to a negotiated deal on a platform like Dan or Sedo, I have always held the expectation that the payment will...

Google Ads Selects Squadhelp for Case Study

If you have visited a Squadhelp landing page, chances are good that you have seen their advertising when you visit other websites that have...

Reliance is “More than Metal” Following Upgrade

Reliance Steel & Aluminum Co. has existed as a business for more than 80 years and is publicly traded under the RS ticker symbol...