Yahoo Discloses Second Major Hack, More Than 1 Billion Accounts Compromised

by

Yahoo today announced that it believes more than one billion Yahoo user accounts were compromised in a hack by an unauthorized third party in August of 2013.

Information stolen from affected accounts includes names, email addresses, telephone numbers, birth dates, hashed passwords, and both encrypted and unencrypted security questions and answers. Clear text passwords, bank account information, and credit/debit card information were not believed to be accessed in the attack.

yahoo
According to Yahoo, the hack was discovered after law enforcement officials provided the company with what appeared to be Yahoo user data from an unknown source. Yahoo says it has not been able to identify the specific intrusion, but it is "likely" distinct from a late 2014 hack that compromised more than 500 million Yahoo user accounts.

Earlier this year, Yahoo confirmed that "at least" 500 million user accounts were accessed in September of 2014, and this marks a second attack during the same general timeframe.

Yahoo is notifying users who may have been affected by the attack, and says it has "taken steps" to secure their accounts by implementing mandatory password changes. Unencrypted security questions and answers have also been invalidated.

Along with the 2013 hack compromising 1 billion user accounts, Yahoo has also announced that an ongoing outside investigation suggests an unauthorized third party accessed proprietary code to forge cookies, a technique that may have been used by the hackers responsible for the September 2014 attack. Those account holders are also being notified.

The outside forensic experts have identified user accounts for which they believe forged cookies were taken or used. Yahoo is notifying the affected account holders, and has invalidated the forged cookies. The company has connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016.

Yahoo suggests users "review all of their online accounts" to check for suspicious activity and change any passwords that might have been used for a Yahoo account and another online account. Yahoo also recommends implementing two-factor authentication and avoiding links from suspicious emails.

Tag: Yahoo

Top Rated Comments

keysofanxiety Avatar
keysofanxiety
96 months ago
Wow, Yahoo really does suck.
Score: 18 Votes (Like | Disagree)
Schwyz Avatar
Schwyz
96 months ago
Yahoo has 1 billion+ accounts?
Wait, what company are we talking about again?
Score: 16 Votes (Like | Disagree)
avanpelt Avatar
avanpelt
96 months ago
I wonder if Verizon has the ability to walk away from the merger without significant financial consequence at this point? This is akin to finding out that the person you're engaged to has been living a secret life as a prostitute for the past 10 years.
Score: 14 Votes (Like | Disagree)
ziggie216 Avatar
ziggie216
96 months ago
Being hacked is one thing, how they manage to sweep it under is another thing.
Score: 12 Votes (Like | Disagree)
oplix Avatar
oplix
96 months ago
CNN breaking news: it was the russians (confirmed by 34 intelligence agencies)
Score: 8 Votes (Like | Disagree)
yaxomoxay Avatar
yaxomoxay
96 months ago
Glory days!

I remember the battles trying to get my sites listed in yahoo. It was where you needed to be. The amount of traffic you'd start getting once listed in the yahoo index proper was such a thrill.
You could also get some attention via very modern methods:

Score: 7 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 18 Siri Integrated Feature

iOS 18 Will Add These New Features to Your iPhone

Friday April 12, 2024 11:11 am PDT by
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...
Read Full Article
iGBA Feature

Game Boy Emulator for iPhone Now Available in App Store Following Rule Change [Removed]

Sunday April 14, 2024 8:06 am PDT by
A week after Apple updated its App Review Guidelines to permit retro game console emulators, a Game Boy emulator for the iPhone called iGBA has appeared in the App Store worldwide. The emulator is already one of the top free apps on the App Store charts. It was not entirely clear if Apple would allow emulators to work with all and any games, but iGBA is able to load any Game Boy ROMs that...
Read Full Article106 comments
top stories 13apr2024

Top Stories: M4 Mac Roadmap Leaked, New iPads in Second Week of May, and More

Saturday April 13, 2024 6:00 am PDT by
Apple's hardware roadmap was in the news this week, with things hopefully firming up for a launch of updated iPad Pro and iPad Air models next month while we look ahead to the other iPad models and a full lineup of M4-based Macs arriving starting later this year. We also heard some fresh rumors about iOS 18, due to be unveiled at WWDC in a couple of months, while we took a look at how things ...
Read Full Article46 comments
new best buy blue

Best Buy Opens Up Sitewide Sale With Record Low Prices on M3 MacBook Air, iPad, and Much More

Saturday April 13, 2024 7:41 am PDT by
Best Buy this weekend has a big sale on Apple MacBooks and iPads, including new all-time low prices on the M3 MacBook Air, alongside the best prices we've ever seen on MacBook Pro, iPad, and more. Some of these deals require a My Best Buy Plus or My Best Buy Total membership, which start at $49.99/year. In addition to exclusive access to select discounts, you'll get free 2-day shipping, an...
Read Full Article40 comments
iGBA Feature

Apple Removes Game Boy Emulator iGBA From App Store Due to Spam and Copyright Violations

Sunday April 14, 2024 9:22 pm PDT by
Apple today said it removed Game Boy emulator iGBA from the App Store for violating the company's App Review Guidelines related to spam (section 4.3) and copyright (section 5.2), but it did not provide any specific details. iGBA was a copycat version of developer Riley Testut's open-source GBA4iOS app. The emulator rose to the top of the App Store charts following its release this weekend,...
Read Full Article135 comments
iOS 18 Siri Integrated Feature

Apple's First AI Features in iOS 18 Reportedly Won't Use Cloud Servers

Sunday April 14, 2024 9:52 am PDT by
Apple's first set of new AI features planned for iOS 18 will not rely on cloud servers at all, according to Bloomberg's Mark Gurman. "As the world awaits Apple's big AI unveiling on June 10, it looks like the initial wave of features will work entirely on device," said Gurman, in the Q&A section of his Power On newsletter today. "That means there's no cloud processing component to the...
Read Full Article82 comments