Site   Web

October 4, 2017

3B Accounts Hit in 2013 Security Breach, Yahoo Now Admits

Yahoo has set a new world record.

The Internet company, in a statement this week, said the 2013 cyber-attack of its systems resulted in the breach of every single user account it had at that time: three billion, to be exact. That is far more than the one billion accounts it originally estimated when the company broke the news last year. 

Yahoo, which was purchased by Verizon this summer, was quick to point out the matter “is not a new security issue,” but said it is sending e-mail notifications to the additional affected user accounts.

“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” Verizon chief information security officers Chandra McMahon said. “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”

The stolen user account information from the breach is thought to have included names, e-mail addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.

Yahoo’s investigation into the incident, with the assistance of outside forensic experts, has revealed that passwords in clear text, payment card data and bank account information were not accessed by the hackers. Yahoo said payment card data and bank account information are stored on a system separate from the one that was targeted by hackers.

Yahoo, which became part of Oath along with AOL after the Verizon purchase, has yet to reveal the group behind the security breach, although the company has said the attack is believed to be state-sponsored.

Verizon closed its $4.48-billion all-cash purchase of Yahoo’s Internet division back in June. The sale ended up being $350 million less than the $4.83-billion Yahoo was originally seeking, however, due to both the 2013 security breach and a 2014 attack that hit more than 500 million accounts.

Anyone seeking information on how their Yahoo account may be impacted can find answers via a security FAQ provided by Yahoo.


avatar

Jennifer Cowan is the Managing Editor for SiteProNews.

One Response to “3B Accounts Hit in 2013 Security Breach, Yahoo Now Admits

    avatar Andrea Torti says:

    Each time I read something about this databreach, it gets worse and worse – I wonder if Verizon is feeling some “buyer’s regret”, right now.

Submit a Comment

Your email address will not be published. Required fields are marked *






Please leave these two fields as-is:

Protected by Invisible Defender. Showed 403 to 6,412,983 bad guys.

css.php