BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Yahoo discloses 1 billion accounts breached

From: Richard Forno <rforno () infowarrior org>
Date: Wed, 14 Dec 2016 17:55:39 -0500
Yahoo discloses 1B account breach

Elizabeth Weise , USATODAY 5:46 p.m. EST December 14, 2016

http://www.usatoday.com/story/tech/news/2016/12/14/yahoo-discloses-likely-new-1-billion-account-breach/95443510/

SAN FRANCISCO — Yahoo on Wednesday disclosed a breach that took place in August of 2013 which may have resulted in data 
associated with more than one billion user accounts being stolen.

This new, 1-billion-account breach is separate from a 500-million-account breach the company disclosed in September.

At the time, the 500-million-account breach was the largest on record.

Yahoo said in September that it believed the 500-million-account breach was linked to a state-sponsored actor. In 
Wednesday's statement the company said is has connected some of the activity associated with the 1-billion-account 
breach to the same same state-sponsored actor.

Yahoo did not say what country it believed the state-sponsored actor was working for.

Verizon is in the process of acquiring Yahoo. In a statement, it said "As we’ve said all along, we will evaluate the 
situation as Yahoo continues its investigation. We will review the impact of this new development before reaching any 
final conclusions.”

November disclosure

Yahoo disclosed in November that a law enforcement officials had given it data files showing what appeared to be 
evidence that an unknown third party had access to Yahoo user data.

Yahoo brought in outside forensic experts and confirmed that the data was in fact from Yahoo users.

As part of that analysis, Yahoo now says it believes the attacker “stole data associated with more than one billion 
user accounts,” the company said in a release.

Yahoo does not know who was behind the theft.

The stolen account information may have included names, email addresses, telephone numbers, dates of birth, hashed 
passwords and, in some cases, encrypted or unencrypted security questions and answers, the company said.

Yahoo is working to notify affected users, and is working closely with law enforcement to investigate the breach.

--
It's better to burn out than fade away.


_______________________________________________
BreachExchange mailing list sponsored by Risk Based Security
BreachExchange () lists riskbasedsecurity com

If you wish to Edit your membership or Unsubscribe you can do so at the following link:
https://lists.riskbasedsecurity.com/listinfo/breachexchange
Previous By Date Next
Previous By Thread Next

Current thread: