Previewed at WWDC, launching in the fall.
At Least 500 Million Yahoo Accounts Hacked in Late 2014
Yahoo today confirmed that "at least" 500 million Yahoo accounts were compromised in an attack in late 2014, leaking customer information like names, email addresses, telephone numbers, birthdates, hashed passwords, and both encrypted and unencrypted security questions and answers.
Yahoo does not believe unprotected passwords, payment card data, or bank account information was accessed, as that data is not stored in the system that was hacked. According to Yahoo, account information was stolen by a "state-sponsored actor" and the company is working with law enforcement on a full investigation.
Starting today, Yahoo will notify all affected users and is asking them to change their passwords immediately if passwords have not been changed since 2014. All compromised security questions and answers have also been invalidated. Yahoo has laid out a set of recommendations for all customers who might have had data stolen:
Yahoo does not believe unprotected passwords, payment card data, or bank account information was accessed, as that data is not stored in the system that was hacked. According to Yahoo, account information was stolen by a "state-sponsored actor" and the company is working with law enforcement on a full investigation.
Starting today, Yahoo will notify all affected users and is asking them to change their passwords immediately if passwords have not been changed since 2014. All compromised security questions and answers have also been invalidated. Yahoo has laid out a set of recommendations for all customers who might have had data stolen:
-Change your password and security questions and answers for any other accounts on which you used the same or similar information used for your Yahoo account.Yahoo first said it was investigating a data breach earlier this summer after hackers started selling account access online. The full scope of the attack was not revealed until today and could potentially affect Yahoo's sale to Verizon.
- Review your accounts for suspicious activity.
- Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.
- Avoid clicking on links or downloading attachments from suspicious emails.
- Additionally, please consider using Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.
Tag: Yahoo
[ 202 comments ]
Top Rated Comments
(View all)
23 months ago
While experts debate the exact number, it is estimated that only a few hundred people will be affected as most forgot they had a yahoo account after SPAM took over their inboxes.
23 months ago
Yahoo what the f***!!!!??? Two years to tell us to change our passwords??? Bye bye forever!
23 months ago
How funny that I closed my Yahoo account just a few weeks ago.
Seriously why use Yahoo anymore? Something like Google is much better and still much more trustworthy (especially considering Yahoo's toolbar thing, which is suspicious as ****).
Umm, because I've had my account since the early 90s and I don't trust Google..
23 months ago
For various reasons in the past I felt compelled to create a Yahoo account. I created a unique User ID and Password. I then created unique answers to the standard security questions (a standard practice I perform). I entered those unique pieces of data into a database that I keep for these sorts of things.
I know using honest answers for my parent's names, schools, teachers' names and pets' names all exist in databases and that information can be compiled by someone who can then plug into a brute force attack. Or if the hacker gets the data from one service I use will not be able to use those data points in another attack with similar questions. Since my answers are unique for each service I use, data collection is much more challenging for a bad person. Of course I have serious problems if I loose that database.
Doing all those extra steps may sound paranoid, but as we keep seeing in the news there are hackers out to get us. I just don't take it personal and do not wear a tinfoil hat.
I know using honest answers for my parent's names, schools, teachers' names and pets' names all exist in databases and that information can be compiled by someone who can then plug into a brute force attack. Or if the hacker gets the data from one service I use will not be able to use those data points in another attack with similar questions. Since my answers are unique for each service I use, data collection is much more challenging for a bad person. Of course I have serious problems if I loose that database.
Doing all those extra steps may sound paranoid, but as we keep seeing in the news there are hackers out to get us. I just don't take it personal and do not wear a tinfoil hat.
23 months ago
If they want to know what I ordered from iTunes and Amazon that much, go ahead..
Oh Grasshopper! How wrong you are! It's that attitude that Google and others want to encourage. But as my relative who works in this area would explain to you there is much more than that they are gleaming and storing about you. In the future, folks will really regret that they gave Google and others, e.g., Facebook, all of their photos, all of their personal and business contacts, every email and message they wrote and received, everything you ever purchased, where they drive, who they visit, what they read and watch, what they search for, everything about their families and friends, etc.
That information is being assembled, stored, sold and stolen because it has value to advertisers, foreign countries, law enforcement, intelligence agencies, criminals and, depending on where you live now and in the future, totalitarian and/or evil governments.
Apple's focus on privacy is slowing this down for those who use its eco system, but can't stop all the leaks, e.g., when you use Google search, they have that forever for law enforcement, hackers, etc.
BTW, this website, MR, has a minimum of 15 trackers being loaded on your device as you read this.
23 months ago
I haven't logged in to Yahoo in so long I don't even remember my password. Maybe one of the hackers can tell me.
23 months ago
Yahoo is garbage. It just is. They try to improve, but they allow to much unfiltered junk into their system. It's a hackers play land with Yahoo.
[ Read All Comments ]
AT&T has launched a new Father's Day deal for the next few days, offering new and existing customers who purchase an iPhone X as an upgrade or a new line a second iPhone X at no additional...
For this week's giveaway, we've teamed up with Choetech to offer MacRumors readers a chance to win a Qi-enabled 7.5W Wireless Charging Pad for the iPhone X, iPhone 8, and iPhone 8 Plus.
...
Danalock today announced that the HomeKit version of its Danalock V3 smart lock is now available for purchase from Apple's website and retail stores in more than 20 other countries across Europe,...
AT&T this afternoon announced that it has completed its acquisition of Time Warner, just two days after a U.S. District Court Judge ruled that the merger could move forward.
"The content...
Just in time for the FIFA World Cup, which began today, live sports are now available in Apple's TV app on iPhone, iPad, and Apple TV in Canada.
At launch, Sportsnet, TSN, RDS, CBC, and...
iOS 12 introduces USB restrictions that effectively put an end to law enforcement access to iPhones and iPads using devices like the GrayKey box, but Grayshift, the company that makes the box, may...
Apple today shared a new promotion that will allow Apple Pay users to get two free bike rides through the ofo app from now until June 20.
Ofo is a smart bike sharing service that's designed...
Apple today introduced updates for its iWork apps, adding new features to Pages, Numbers, and Keynote for both iOS devices and Macs.
Today's update introduces support for recording, editing,...
