Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Yahoo hack hit 500 mn users, likely 'state sponsored'
#1
Yahoo said Thursday a massive attack on its network in 2014 allowed hackers to steal data from half a billion users and may have been “state sponsored.”


Yahoo, which confirmed details of the breach months after reports of a major hack, said its investigation concluded that “certain user account information was stolen” and that the attack came from “what it believes is a state-sponsored actor.”

“Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen,” a statement from the US internet giant in what is likely the largest-ever breach from a single organization.

“Yahoo is working closely with law enforcement on this matter.”

The comments come after a report earlier this year quoting a security researcher saying some 200 million accounts may have been accessed and that hacked data was being offered for sale online.

Yahoo said the stolen information may have included names, email address, birth dates, and scrambled passwords, along with encrypted or unencrypted security questions and answers that could help hackers break into victims’ other online accounts.

While there is no official record of the largest breaches, many analysts have called the Myspace hack revealed earlier this year as the largest to date, with 360 million users affected.

- Ammunition for hackers -

Computer security analyst Graham Cluley said the stolen Yahoo data “could be useful ammunition for any hacker attempting to break into Yahoo accounts, or interested in exploring whether users might have used the same security questions/answers to protect themselves elsewhere on the web.”

He noted that while Yahoo said that it believes they hack was state-sponsored, the company provided no details regarding what makes them think that is the case.

“If I had to break the bad news that my company had been hacked… I would feel much happier saying that the attackers were ‘state-sponsored,’” rather than teen hackers, Cluley said in a blog post.

It appeared that looted data did not include unprotected passwords or information associated with payments or bank accounts, the Silicon Valley company said.

Yahoo is asking affected users to change passwords, and recommending anyone who hasn’t done so since 2014 take the same action as a precaution.

Users of Yahoo online services were urged to review accounts for suspicious activity and change passwords and security question information used to log in anywhere else if it matched that at Yahoo.

“Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry,” Yahoo said in a release.

“Yahoo and other companies have launched programs to detect and notify users when a company strongly suspects that a state-sponsored actor has targeted an account.”

Confirmation of the major cyber breach comes two months after Yahoo sealed a deal to sell its core internet business to telecom giant Verizon for $4.8 billion, ending a two-decade run as an independent company.

It was not immediately clear if the data breach could impact the closing of the deal or the price agreed to by Verizon.

“Frankly, the timing couldn’t be worse for Yahoo,” Cluley said.

The telecom firm said it was reviewing the new information.

“Within the last two days, we were notified of Yahoo’s security incident,” Verizon said in a released statement.

“We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities.”

Read the full article here

https://www.google.co.in/amp/s/www.yahoo...43037.html
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries mrtrout 0 713 10-14-2021 , 10:21 PM
Last Post: mrtrout
  Iranian State-sponsored Cybercriminal Hacked Israeli Chief-of-Staff mrtrout 0 1,024 06-17-2021 , 02:58 AM
Last Post: mrtrout
  State-sponsored malware – a real and present danger mrtrout 0 1,251 07-29-2020 , 06:53 AM
Last Post: mrtrout
  Former Yahoo engineer pleaded guilty to hacking dhruv2193 0 1,359 10-01-2019 , 07:17 AM
Last Post: dhruv2193
  Yahoo and AOL just gave themselves the right to read your emails (again) tarekma7 0 2,151 04-16-2018 , 09:29 PM
Last Post: tarekma7



Users browsing this thread: 2 Guest(s)