More than 1 billion Yahoo users hacked in new security breach, company reveals
Yahoo has revealed it was the victim of another cyberattack on its users' data.
The company said Wednesday that it has found evidence of a massive hack that occurred in the fall of 2013 and compromised personal information belonging to more than a billion of the site's users.
Yahoo believes the breach was likely separate from the late-2014 attack it brought to light last September, in which data related to more than 500 million accounts was leaked by what the company thought to be "a state-sponsored actor."
You May Also Like
In this case, law enforcement officials first alerted Yahoo to files that a "third party" claimed were stolen user data. With the help of forensic experts, the company was able to confirm their authenticity but has yet to identify a corresponding intrusion, Bob Lord, Yahoo's security head, wrote in a post providing security information for users.
While the theft doesn't appear to include credit card or bank account information, Yahoo says names, email addresses, phone numbers, dates of birth, MD5-hashed passwords (a form of encryption now widely considered insecure) and security question answers may have been affected.
Yahoo is responding by prompting potentially affected users to change their passwords and invalidating all security questions. Users are also advised to keep an eye out for suspicious activity and avoid any unknown emails asking for personal information.
This Tweet is currently unavailable. It might be loading or has been removed.
The company also disclosed Wednesday that a possibly separate third-party intruder had hacked into Yahoo's proprietary code and forged cookies that allowed access to accounts without a password. Yahoo says it has taken steps to shut them down.
The staggering new revelations come as Yahoo is still in the process of finalizing its $4.8-billion sale to Verizon. While the telecom said it did not plan to renegotiate the deal after the first breach was announced, the new disclosures raise questions of whether it might now try to drive the price down.
A Verizon spokesperson did not immediately respond to our request for comment.
Topics Yahoo
Patrick Kulp is a Business Reporter at Mashable. Patrick covers digital advertising, online retail and the future of work. A graduate of UC Santa Barbara with a degree in political science and economics, he previously worked at the Pacific Coast Business Times.
