Yahoo’s investigation is ongoing, but it believes that details stolen did not include payment card data, bank account information, which were stored in a different system to the one that was breached.
Advertisement
Blaming a “state-sponsored actor” – without naming any country in particular – for the massive hack, Yahoo said that the users’ personal information compromised by the hackers included user names, birth dates, email addresses, phone numbers, and even encrypted passwords.
Although Yahoo said a “state-sponsored actor” is behind the hack – a term used for an individual acting on behalf of a government – experts say the information obtained could be used for everything from blackmailing and spamming users to discovering their passwords on other services.
Yahoo also is recommending that all users change their passwords if they haven’t done so since 2014.
It comes just days after Spark announced it would be ditching Yahoo as the provider of its email service Xtra Mail.
“We understand that Yahoo is conducting an active investigation of this matter, but we otherwise have limited information and understanding of the impact”, Verizon wrote in an emailed statement.
Yahoo is notifying potentially affected users and has taken steps to secure their accounts.
Spark says it will get in touch directly with affected customers when it has more information.
Verizon said it still does not know enough about the Yahoo break-in to assess the potential consequences.
“We will evaluate as the investigation continues through the lens of overall Verizon interests”, the company said.
While Yahoo learned in July about a possible breach, it’s common for investigations to take weeks or longer as forensics experts sift through computer logs and government agencies comb databases of internet traffic for signs of computers communicating with known bad actors.
Stealing data on 500 million accounts is usually no easy task, he added.
An investigation is still continuing into the breach, which Yahoo said happened in late 2014. Companies typically disclose only the data they can prove was taken. “The hackers probably attacked slowly, and quietly, without anyone watching”, Kremez said.
Two other people familiar with the Yahoo investigation said the link to a nation state is not iron-clad.
However, it remains unclear how Yahoo’s disclosure will affect its deal with Verizon.
Yahoo may have relied on older “perimeter” defences, which miss the fact that once hackers are inside a corporate network they are “trusted and in a position to wreak havoc”, Tom Patterson, vice president of global security solutions at Unisys Corp., wrote in an email. Hackers and data hoarders have been trading the information online. The attack is believed to be state-sponsored because of its resemblance to previous hacks traced to Russian intelligence agencies.
LinkedIn said in May it was investigating whether a breach of more than six million user passwords in 2012 was bigger than originally thought, following a hacker’s attempt to sell what was purported to be login codes for 117 million accounts.
Advertisement
“It is a broad sweep of getting information on people and building up profiles on those who may be of use to them”.
