It’s happened again to Yahoo account users – they were hacked. This latest announcement says that ONE BILLION accounts were compromised. Read that again – ONE BILLION accounts. Here is the email I received that was sent to all Yahoo users: NOTICE OF DATA BREACH
Of course Yahoo is trying to put a positive spin on this (really!) saying “The investigation indicates that the stolen information did not include passwords in clear text, payment card data, or bank account information. Payment card data and bank account information are not stored in the system we believe was affected.”
This is a report from Wired.com:
IN SEPTEMBER, YAHOO had the unfortunate distinction of disclosing an enormous 500 million-account breach. Tough stuff. Somehow, though, the company seems to have topped even that staggering figure. Yahoo announced on Wednesday that hackers, in what’s likely a separate attack, compromised one billion of the company’s user accounts in August 2013. One billion. That makes this the biggest known hack of user data ever, and it’s not really close.
The most important thing we know so far is that Yahoo says “this incident is likely distinct from the incident we disclosed on September 22, 2016.” That other breach happened in late 2014, so this new (even bigger) one took place about a year earlier. Yahoo has been working with law enforcement and a third-party cybersecurity firm to to verify the hack and trace its origin, but the company says that so far it doesn’t know who the perpetrator was.
Yahoo says that the breached data includes names, email addresses, phone numbers, birthdays, hashed passwords, and a mix of encrypted and unencrypted security questions and answers. If you’re looking for a silver lining, Yahoo says the breach does not include unencrypted passwords, credit card numbers, or bank account information. Specifically, the company says that financial data is stored in a separate system that it doesn’t believe was compromised. READ MORE ON YAHOO HACK
From Bloomberg TV: Yahoo! disclosed a second major security breach that may have affected more than 1 billion users, giving an update on its probe into hacks on its system before the sale of its main web businesses to Verizon Communications. Bloomberg’s Jordan Robertson reports on “Bloomberg Technology.”