Business IT

'All 3 billion' Yahoo users were hit by mega hack

By Staff Writers on Oct 5, 2017 9:24AM
'All 3 billion' Yahoo users were hit by mega hack

Editor's Picks

Don't miss Australia’s premiere IoT Conference on 9th June

5 essential digital transformation ideas

Top 5 Benefits of Managed IT Services

Venom BlackBook Zero 15 Phantom

New intelligence reveals the largest data breach in history was even bigger than first thought.

Yahoo has announced that all three billion of its accounts were affected by a hack in 2013, tripling the number of victims of data breach already considered the largest in industry history.

In December last year Yahoo publicly disclosed that more than one billion user accounts had been affected by a breach on their systems, leading to US$350 million being wiped off the takeover deal by Verizon.

However, Yahoo, a company formed during the earliest days of the internet, has now “obtained new intelligence” that suggests that all three billion of its user accounts were breached.

Announcing the results of a recent investigation, a company statement by Verizon subsidiary Oath said that stolen information included names and addresses, but that passwords stored in plain text, and credit card or transaction information remained secure. The company said it continues to work closely with law enforcement agencies and forensic experts.

Newsletter Signup

Get the latest business tech news, reviews and guides delivered to your inbox.

I have read and accept the privacy policy and terms and conditions and by submitting my email address I agree to receive the Business IT newsletter and receive special offers on behalf of Business IT, nextmedia and its valued partners. We will not share your details with third parties.

“In 2016, Yahoo took action to protect all accounts, including directly notifying impacted users identified at the time, requiring password changes and invalidating unencrypted security questions and answers so that they could not be used to access an account,” Yahoo said in the statement.

Unfortunately, experts claimed in December that encryption technologies used on the passwords were out of date and could be easily bypassed, and that password recovery questions and linked email addresses were included in the data dump, increasing the likelihood that other accounts could be targeted.

The new development will likely have significant legal implications for Verizon, who secured Yahoo in June for US$4.48 billion. As part of those terms, Verizon agreed to share regulatory liabilities for both the 2013 data breach, and a second data breach revealed to have affected 500 million accounts in 2014.

Verizon's CISO Chandra McMahon said that the company is “committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats”.

“Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon's experience and resources.”

However, Yahoo currently faces as many as 43 class-action lawsuits from both the 2013 and 2014 hack, according to a company filing in May, a figure that is almost certainly going to increase. John Yanchunis, the lawyer representing Yahoo customers, said the cases had stalled because a federal judge required more information to legal justify the claims of his clients.

Speaking to Reuters, Yanchunis said: “I think we have those facts now. It's really mind-numbing when you think about it.”

In response to the news, US Senate chairman John Thune said that a hearing will be held later in the month that will cover two massive data breaches at both Yahoo and Equifax, according to Recode. In those reviews, the Senate will decide whether “new information has revealed steps they should have taken earlier, and whether there is potentially more bad news to come.”

This article originally appeared at alphr.com.

Copyright © Alphr, Dennis Publishing
Tags:
data breach security services yahoo
By Staff Writers
Oct 5 2017
9:24AM
0 Comments

Related Articles

  • 5 essential digital transformation ideas
  • Edging towards smart city dreams with edge computing
  • Defend against the cybersecurity threat within
  • Ransomware: what SMBs needs to know
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

5 essential digital transformation ideas

5 essential digital transformation ideas

Don't miss Australia’s premiere IoT Conference on 9th June

Don't miss Australia’s premiere IoT Conference on 9th June

How to build a digital-ready business fit for the future

How to build a digital-ready business fit for the future

Technology predictions for 2022 and beyond

Technology predictions for 2022 and beyond

Poll

What would you like to see more of on BiT?
News
Reviews
Features
How To's
Lollies
Photo Galleries
Videos
Opinion
View poll archive
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.