Yahoo confirms more than 500 million accounts hacked by "state sponsored" hacking group
In a statement released on businesswire, Yahoo said a hack of its network in late 2014 breached information related to at least 500 million user accounts. The company says it believes "a state-sponsored actor" is responsible for the hack.
"The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers," Yahoo said in the statement. The company added, however, that the hack "did not include unprotected passwords, payment card data, or bank account information."
A hacker was recently found to be selling information related to 200 million accounts, although today's announcement suggests the scope of the breach was wider than believed. Yahoo said it is working with law enforcement on an investigation, although it did not provide any details on why it believed the hack was state-sponsored.
The hacker, who goes by the pseudonym "Peace" or "peace_of_mind," has uploaded 200 Million Yahoo! credentials up for sale on an underground marketplace called The Real Deal for 3 Bitcoins (US$1,824).
Over past few months, a large number of data breaches have been reported to plague companies like LinkedIn, MySpace, Tumblr, and VK.com as hackers put up for sale massive data dumps of user credentials stolen earlier in the decade.
Yahoo said in its statement that anyone with an account who has not changed their password since 2014 change it immediately.
Update: Yahoo! started sending email to all Yahoo user including me.. I receive mail this morning.
Meanwhile Yahoo's announcement was forthcoming. Verizon is currently moving to acquire Yahoo, a deal that Recode reports may be frustrated by today's news.
Source : Yahoo Statement
"The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers," Yahoo said in the statement. The company added, however, that the hack "did not include unprotected passwords, payment card data, or bank account information."
A hacker was recently found to be selling information related to 200 million accounts, although today's announcement suggests the scope of the breach was wider than believed. Yahoo said it is working with law enforcement on an investigation, although it did not provide any details on why it believed the hack was state-sponsored.
The hacker, who goes by the pseudonym "Peace" or "peace_of_mind," has uploaded 200 Million Yahoo! credentials up for sale on an underground marketplace called The Real Deal for 3 Bitcoins (US$1,824).
Over past few months, a large number of data breaches have been reported to plague companies like LinkedIn, MySpace, Tumblr, and VK.com as hackers put up for sale massive data dumps of user credentials stolen earlier in the decade.
Yahoo said in its statement that anyone with an account who has not changed their password since 2014 change it immediately.
Update: Yahoo! started sending email to all Yahoo user including me.. I receive mail this morning.
Meanwhile Yahoo's announcement was forthcoming. Verizon is currently moving to acquire Yahoo, a deal that Recode reports may be frustrated by today's news.
Source : Yahoo Statement
No comments
Post a Comment