Security experts are urging users to change their password on Yahoo after a breach of user names and passwords was conducted on Wednesday. While Yahoo says only 5% of the passwords captured by hackers were valid, computer security experts claim that Yahoo was "negligent" in protecting the data properly.

"When that data is out there, it really is incumbent upon them to protect it wherever it might be and that wasn't being done," Dr. Clifford Neuman, director of the USC Center for Computer Systems Security, said.

According to Neuman, the hackers, who go by: D33D Company, robbed the un-encrypted passwords using an SQL injection. That is a common method for hackers to acquire data from weakly protected sites.

"The particular kind of attack that was exploited here is one that has been known for many years. We see it coming up again and again," Neuman said.

Yahoo addressed how they will take action in changing the "vulnerability" of the site, in a statement released on Thursday.

"We are taking immediate action by fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to all affected users," the company stated.

While site protection is important, Neuman suggests that users can make a great barrier for hackers if they use passwords wisely. He recommends complex passwords and never using the same one for all accounts.

"More importantly, you need to change your password not just on Yahoo, but on online banking sites where a lot of users will use the same user name and password on the online banking site that they use on a site like Yahoo. You should never do this," Neuman said.

Hackers targeted users of Yahoo Voices on Wednesday, July 11. Some of the users were also Gmail, AOL, and Hotmail account holders. Data containing passwords from those accounts were also stolen in the Yahoo breach.

Yahoo confirmed that as much as 450,000 email addresses and passwords were attained by the hackers. "The security breach targeted what the company said was an "old file" from the Yahoo Contributor Network, which is a content-sharing platform," ABC News reports.

Tags
Yahoo, Hackers