facebook rss twitter

Yahoo hack in 2013 exposed another billion accounts

by Mark Tyson on 15 December 2016, 10:01

Tags: Yahoo! (NASDAQ:YHOO)

Quick Link: HEXUS.net/qadcb3

Add to My Vault: x

Yahoo has issued a security notice as it has found out that "data associated with more than one billion user accounts," was stolen in August 2013. The internet firm was tipped off by law enforcement officers and believes this hack and grab to be 'distinct' from the recently reported breach of 500 million Yahoo accounts (which actually occurred in late 2014).

In this latest reported hack and access of Yahoo data by an unauthorized third party, the following user data was swiped:

  • Name,
  • phone numbers,
  • date of birth,
  • hashed passwords (MD5),
  • and email addresses.

Yahoo noted that any associated bank and payment card data was not stolen. Furthermore, those affected will receive a Yahoo notification asking that the passwords are changed. Some affected users will also find that old unencrypted security questions and answers have been invalidated, for security.

Forged cookies

If the above 1bn user account hack and September's news of half a billion accounts hacked isn't enough, Yahoo has an ongoing investigation regarding the use of 'forged cookies' to sneakily access Yahoo accounts during 2015 and 2016. Such hacker-created cookies "could allow an intruder to access users' accounts without a password," admits Yahoo.

Again, affected account holders are being notified, with the forged cookies invalidated. Interestingly, Yahoo says that the forged cookies exploit comes from "the same state-sponsored actor" believed to be responsible for the (2014) data theft disclosed in September.

In the dotcom boom Yahoo was once valued at $125bn. Now Verizon, the company in the process of buying Yahoo's operating business for $4.8bn, might be looking to get a discount to close the deal.

HEXUS Forums :: 5 Comments

Login with Forum Account

Don't have an account? Register today!
Must have been hacked by a bunch of yahooligans…..

/fetches coat
So which email service to use, now?
Gmail is apparently OK, but useless on features…
I think Hillary Clinton might have an email service spare somewhere…
Yahoo has 2 step verification for their email system making it as safe as Gmail but I think some insider job did them bad. With yahoo mail if you log into the mail 500km from where you last logged in it will as for the 2 step verification.
Well Ahh would go Three Hun-Dred miles,
And Ahh would go Three Hun-Dred more,
Just tae be tha man who hacks in to yer
Yahoo Mail, just like before…

And noo ye have tha' song in yer heid!! :lol: