Do you Yahoo? 500M affected by new hack

The hits keep coming for beleaguered search engine icon Yahoo Inc. – and not the good kind.

On Thursday, the company revealed that what it called a “state-sponsored actor” stole personal information from at least 500 million user accounts in late 2014.

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” the company wrote in a Sept. 22 statement.

However, it’s unlikely the stolen information included payment card data or bank account information, as neither was stored on the affected system, the company said.

In addition to notifying potentially affected users and recommending that those who haven’t changed their passwords since 2014 do so, Yahoo said that it’s taking steps to secure accounts, such as invalidating unencrypted security questions and answers. The company is also working with U.S. authorities to investigate the breach further.

The leaks revealed yesterday are only the latest in a string of recent high-profile data breaches, with Yahoo joining a red-faced class of 2016 that so far includes LinkedIn and Dropbox.

They also represent the latest setback in the company’s ongoing attempts to rehabilitate its floundering image, and could even affect its recent acquisition by U.S. telecommunications giant Verizon Communications Inc. for $4.8 billion USD – an amount that some analysts speculate was fuelled more by Yahoo’s value as a content creator than as a search engine.

“The dark cloud this casts will be very long and will likely impact the merger agreement,” Jeff Kagan, a Georgia-based telecommunications industry analyst, told the Washington Post in an email. “We’ll just have to wait and see what happens next.”

Verizon only learned of the security breach this week, according to a Sept. 22 statement from the company, and Yahoo declined to say whether it learned of the breach before or after the deal was announced when asked by the Post.

“We understand that Yahoo is conducting an active investigation of this matter, but we otherwise have limited information and understanding of the impact,” Verizon said in its statement. “We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities. Until then, we are not in position to further comment.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Eric Emin Wood
Eric Emin Wood
Former editor of turned consultant with public relations firm Porter Novelli. When not writing for the tech industry enjoys photography, movies, travelling, the Oxford comma, and will talk your ear off about animation if you give him an opening.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs