New Yahoo Breach Hits 1 Billion Users
- Author: Ronnie Bowen Dec 17, 2016,
Dec 17, 2016, 1:00
What could be termed as the biggest data breach in the recent years, Yahoo has discovered a 3-year-old security hack that enabled a hacker to compromise more than 1 billion user accounts.
The number of affected accounts was double the number implicated in a 2014 breach that the Internet company disclosed in September and blamed on hackers working on behalf of a government.
The new disclosure could jeopardize Verizon's$4.83 billion acquisition of Yahoo's core internet business, a deal announced in July and expected to close in early 2017.
On the bright side, Yahoo's internal investigation believes that payment card data or bank account information was not stolen from these accounts, as it is not stored on the same system.
Komarov told Bloomberg that more than 150,000 United States government and military employees' details were also found in the database, which means that hackers could target those users' accounts to threaten national security.
Recurring data hacks raise questions about Yahoo!'s capability to ensure essential privacy standards.
After the new breach was revealed, Verizon told CNBC: "As we've said all along, we will evaluate the situation as Yahoo continues its investigation".
"We will review the impact of this new development before reaching any final conclusions", it added.
21st Century Fox approaches Sky for estimated $31.27 billion dollar takeover
A combination of 21st Century Fox and Sky would be the latest to bring together a maker of TV and movies and a distributor of it. There has always been speculation that another takeover deal was coming from 21st Century Fox.
The next steps for affected users are simple, says David Senf, vice-president of infrastructure solutions group at analyst firm IDC Canada: Reset your password and start using good habits when creating passwords on other sites. The company also disclosed on Wednesday that it believes an unauthorized third party also accessed "the company's proprietary code to learn how to forge cookies", and that some of those actions have been linked to the same state-sponsored actor in the 2014 data breach. By contrast, staying with Yahoo means those accounts that were breached would be forced to reset their passwords, among other security measures.
In some cases, account holders' encrypted and unencrypted security questions and answers could also have been stolen. Verizon wasn't trying to reduce the purchase price of Yahoo because the cost of future liabilities - if any - is unknown, the people said, therefore asking for a price discount would effectively be a bet.
In the latest disclosed breach, information taken from some of the accounts include unencrypted security questions and answers, which could leave users even more vulnerable to attacks. "It's a leak that could allow foreign intelligence services to identify employees and hack their personal and work accounts, posing a threat to national security".
Shares of Yahoo's stock fell more than 4 percent, while Verizon shares ticked 0.9 percent higher after the report.
"I would strongly recommend it, even if you don't have a Yahoo account", Nigam said.
Yahoo has announced another huge security breach, leaving its users fretting once again about their personal information.
Yahoo didn't say if it believes the same hacker might have pulled off two separate attacks. The event was unearthed by forensic experts after law enforcement investigators warned the company about a potential breach.