Hackers hit Yahoo sites
Half a billion customer accounts at risk
YAHOO is scrambling to warn half a billion people that their accounts were hacked two years ago by a “state-sponsored actor” and their personal information has been up for sale to the highest bidder on hacking websites.
Yahoo has warned its customers who believe they may have been targeted in the attack to change their password and review their account statements and monitor their credit reports.
Questions now loom over the $6.33 billion buyout by Verizon as Yahoo yesterday admitted to what is believed to be the biggest attack of any company’s computer network.
The deal between Verizon and Yahoo signed in July includes a clause that Yahoo was not aware of any security breaches that “could reasonably be expected to have a business material adverse effect”.
Yahoo yesterday issued a statement about the massive security attack, saying that the hackers took information including names, email addresses, telephone numbers and dates of birth.
While Yahoo said the hackers only were able to access “hashed passwords”, which converts passwords into a seemingly random string of characters, but they were also able to access security questions and answers that could enable someone to request a new password.
Rumours of a major Yahoo hack began circulating in June, when a hacker by the name of Peace reportedly put 200 million Yahoo account details on the dark web of encrypted and hidden files used by hackers. The same hacker had report- edly previously stolen data from MySpace and LinkedIn.
But the details of this hack were only revealed yesterday and Verizon reportedly only found out about the massive cyber attack two days ago.
“Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen,” the statement said. “Yahoo is working closely with law enforcement on this matter.”
Yahoo is recommending users update their password if they have not done so since 2014. That advice includes those who use Yahoo Mail and who have Yahoo services such as Flickr and Tumblr.
Yahoo has started contacting potentially affected users and urged them to create new security questions so that the old ones can no longer be used to access their account.