Actual password reuse between two breached web sites with plaintext passwords
Study: What do Sony and Yahoo! Have in common? Passwords!
Date: July 12 2012
There were 302 common accounts between the Yahoo! Voices password database breach in July 2012 and SonyPictures.com password database breach in June 2011. How did those user passwords compare?
You might be tempted to draw some conclusions about whether these users followed the common recommendation of changing their password at all sites reusing that same password following the SonyPictures.com breach. However, while we know the date that these breaches were publicized we don't know for sure that the user data was current at the time of the breach. There was some feedback from Yahoo! that their Voices database was "an older file" and may not have actually contained current user data at the time it was disclosed.