Yahoo just confirmed that they had disclosed a data breach which is said to have occurred in August 2013. Yahoo had already reported several types of the data breach in September 2016. However, the company claimed that both the attacks are different.
Yahoo already admitted in a filing with the US Securities and Exchange commission (SEC) that some of its staff knew about a possible 2014 hacking. But, Yahoo first revealed about the data breach on 22 September 2016.
Bob Lord, Chief information security officer of Yahoo claimed that they haven’t been able to determine how the data from the one billion accounts was stolen “We have not been able to identify the intrusion associated with this theft”
After analyzing the data given by law enforcement, Yahoo claimed that users DOB, email addresses, security questions and hashed passwords were compromised by the attackers but it didn’t include bank details like credit card number, bank account information because it wasn’t stored on the hacked server.
The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.
Currently Verizon is in the process of acquiring Yahoo for $4.8 billion, the company has some negotiation terms due to multiple hacking incidents. Yahoo also had records of creating email scanning software which scans user’s email on behalf of the US government.
Needless to say, it would be a great idea for Yahoo users to go change the password for their Yahoo account, and any accounts that share the same password.
So, what do you think about Yahoo services? Share your views in the comment section below.
No comments:
Post a Comment