Denis Balibouse / Reuters
Yahoo has confirmed in a press release that a hacker, possibly working with a foreign government, stole 500 million users' account information in 2014.
The company said that it is working with law enforcement to catch the hacker. The data breach may have included names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers. Financial data, according to Yahoo, were not part of the information taken.
Recode reports that a hacker nicknamed “Peace” may be responsible. In early August, a hacker by the same name had listed data from 200 million Yahoo accounts for sale on the Dark Web. At the time, Yahoo said it was aware of the listing, but it did not issue a password reset.
Yahoo is asking users to change their passwords and to be wary of any unsolicited communication. The company has updated its security FAQ page to include response measures, sent a security email to affected users, and issued a slew of other recommendations to users, including changing security questions, reviewing accounts for suspicious activity, and not clicking any links or downloading any materials from unverified emails. The company&039;s investigation into the hack is ongoing.
The hack may affect the $4.8 billion sale of Yahoo&039;s core business to Verizon. Verizon said in a prepared statement, “Within the last two days, we were notified of Yahoo&039;s security incident. We understand that Yahoo is conducting an active investigation of this matter, but we otherwise have limited information and understanding of the impact. We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities. Until then, we are not in position to further comment.”
Many online responses criticized the pace of Yahoo&039;s response and joked about its relevance in 2016:
The hack may also spread to other websites and accounts. Yahoo account holders should change their passwords for other websites as well, cybersecurity experts advise. Shuman Ghosemajumder, CTO of the Shape Security, said, “The real issue now is that these passwords will be used to breach thousands of other websites unrelated to Yahoo, as cybercriminals use advanced automated tools to discover where users have used those same passwords on other sites.”
Quelle: <a href="500 Million Yahoo Accounts Have Been Hacked“>BuzzFeed
Published by