One Billion User Accounts Hacked In Yahoo Cyber Security Breach

By Reina Ilagan

Dec 15, 2016 08:41 AM EST

Yahoo discovered a new data breach that exposed the private information from more than one billion user accounts worldwide in an attack that occurred in 2013. This comes just months after the company disclosed a 500-million-account breach that took place in 2014.

Yahoo said that hackers may have accessed the users' names, emails, phone numbers, dates of birth, and passwords. The company assured that aside from the mentioned stolen data, people's bank details had been protected.

"The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers," said Bob Lord, Yahoo's chief information security officer.

Users who may have been affected were notified by Yahoo in order to secure their account. People were also encouraged to change their passwords and to monitor for any suspicious activities. They were also urged to review all online accounts, and to avoid clicking links or downloading attachments from suspicious emails.

Although the company first considered the recently disclosed breach as an attack distinct from the 2014 incident, Yahoo revealed that it believed the same intruder is responsible for these two cyber attacks.

The company, which claimed that the hacker is no longer in their corporate network, said that the hacker from 2014 attack had possibly got into Yahoo's system by forging cookies, allowing websites to keep track of the visitors. The unauthorized third party was believed to have accessed the company's proprietary code to learn how to forge cookies.

The Yahoo email systems are being used by major businesses like Sky and BT. Verizon Communications Inc., which has earlier struck a deal to acquire the company, will review the impact of the breach and may renegotiate deal terms.

"We will evaluate the situation as Yahoo continues its investigation. We will review the impact of this new development before reaching any final conclusions," Verizon said.

With cybercrime issues becoming increasingly prevalent, Steve Grobman, Intel Security's chief technology officer, said that the danger is real.

"We're increasingly seeing data being used as a weapon, where leaked or fabricated information is being used to intentionally damage individuals and governments," he said.

"As is the case in any cyber-attack, the incentive is there, the reputation threat is real, and intelligence services have 1 billion reasons to try," he added.

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics