Troubled internet pioneer Yahoo has suffered yet another embarrassing snafu, dpa reported.
On Thursday the company acknowledged that hackers had exposed a breach on one of its websites and stolen 450,000 usernames and passwords.
Yahoo gave few details about the security breach, but security analysts said hackers penetrated a Yahoo site called Yahoo Voices, which features user articles, videos and slideshows. Yahoo bought the site from Associated Content, and many users had reportedly logged onto the site using non-Yahoo email addresses.
The hackers copied files that contained user log-ons and passwords as well as their access details to other internet services such as Hotmail.com, Gmail.com and AOL.com.
The hacker group, known as D33Ds Company posted details of the 453,000 accounts online, just a day after popular social network Formspring was forced to reset the passwords of its 28 million users after an even bigger breach.
"We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call and not as a threat," read a note included in the password dump, Information Week reported.
In a statement published on the blog TechCrunch.com, Yahoo apologized for the theft of data and said it was working to fix the vulnerability.
Yahoo was changing the passwords of the affected users and informing other companies whose users' accounts may have been compromised, the statement said. Yahoo said that only 5 per cent of the compromised Yahoo accounts had valid passwords.
Yahoo had troubles even before the latest bad news.
The company has already been forced to oust two chief executives within the last year amid unwanted controversy, as it falls further behind newer rivals like Google and Facebook in the race for internet audiences and advertising dollars.