On the morning of July 14th, a Saturday, I woke up to find three successive emails in my Gmail inbox. The first, received at 1:56 am, came from the movie site IMDb. The second, sent almost exactly an hour afterwards, was from Yahoo. The third was from Twitter, and it arrived at 3:02 am, just three minutes after Yahoo’s missive. From the subject lines alone, it was pretty clear what had happened.

Days earlier, Yahoo Voices — essentially a content farm that pays users to write short articles for venues such as Yahoo Movies and Yahoo Lifestyle — had suffered a serious security breach. A group of hackers calling themselves the “D33Ds Company” used a relatively simple SQL injection exploit, inserting database instructions in unprotected places, to generate a plain text file containing 453,000 email / password pairs.