Yahoo said the affected system didn’t contain payment card data or bank account information.
Advertisement
Yahoo announced on Thursday that the account information of at least 500 million users was stolen by hackers two years ago. Some personal information such as names, phone numbers, dates of birth and unencrypted security questions and answers were stolen.
The integrity of past and current Yahoo users’ personal information has been severely compromised with the news that as many as 500-million user accounts have been leaked.
Yahoo said it was working with law enforcement on the matter.
Yahoo had no evidence that the stolen bcrypt-protected passwords or security questions and answers were used to gain unauthorised access to Spark accounts.
Yahoo also is recommending that all users change their passwords if they haven’t done so since 2014. These include invalidating unencrypted security questions and answers so that they can not be used to access an account and asking potentially affected users to change their passwords.
Well-known Cryptologist – Bruce Scheier said that this is the biggest data breach ever.
The announcement comes as Verizon Communications moves forward with its $4.8 billion acquisition of Yahoo.
The Yahoo breach follows a rising number of large-scale data attacks and could make it a watershed event that prompts government and businesses to put more effort into bolstering defences, Dan Kaminsky, a well-known internet security expert, told Reuters.
While the firm has said that it does not believe the attacker is now in the Yahoo network, it is notifying affected parties and implementing additional security measures.
Back in August, a website called Motherboard reported that a hacker who goes by the alias “Peace” was trying to sell copies of a file with 200 million stolen Yahoo user accounts for about $1,900.
BT, which has used email services provided by Yahoo, said: “BT is now investigating the Yahoo data breach”.
The Data breach is a reminder of how extensive hacking is, it also highlights the vulnerability of information theft and passwords, states a report on CBS news.
According to The Wall Street Journal, Yahoo believes that the 2014 massive security breach has carried on by a “state-sponsored actor”.
Advertisement
That’s sound advice-changing passwords as soon as you’re aware of a breach is always advisable.
