Yahoo admits hackers stole data from 500 million users
Personal information, names, emails as well as security questions and answers are thought to have been breached by “state-sponsored” attack on Yahoo.
The hackers managed to steal data on around 500 million Yahoo users in what could be the largest publicly disclosed cyber attack in history.
The hack itself took place in 2014, but has only now been made public.
Around eight million users in the UK had their accounts accessed, with data being stolen from these.
Although names, email addresses, telephone numbers, dates of birth and encrypted passwords were stolen, credit card data was not, said Yahoo.
Who is behind the attack? It’s unknown at the moment but they believe information was “stolen by what we believe is a state-sponsored actor”, however they did not mention which country it held responsible.
The FBI are currently investigating the claims.
It wasn’t until August this year when the hack was first brought up, the hacker known as “Peace” was attempting to sell information on 200 million accounts.
On Thursday 22nd September, Yahoo confirmed the breach was bigger than first imagined and by quite a considerable amount.
What do you need to do?
Change your password. It’s important to regularly update your password, using complex strings of characters, symbols and numbers to ensure strength.
Sky and BT issued warnings for customers in the UK that they may be affected by the breach as Yahoo provides email services for both.
Sky estimates that it had about 2.5 million Sky.com email account holders at the time of the breach. It said not all were affected but would advise everyone with a Sky.com email account to update their password.
BT said it was carrying out its own investigation but advised the “minority” of its customers who use Yahoo mail to change their passwords.
Why did it take so long for Yahoo to fully acknowledge the breach?
“It is really worrying that a breach from 2014 can have gone undetected for so long,” said Prof Alan Woodward from the University of Surrey.
“It is also surprising the public statement took so long to appear.”
“I would have thought most companies had learned by now that early disclosure is better, even if you have to revise and update as you learn more.”
The scale of the hack eclipses other recent, major tech breaches – such as MySpace (359 million), LinkedIn (164 million) and Adobe (152 million).
Learn how you can stay safe both online and offline with our help, we look after your security so your business can function how you desire, without any interruptions or complications.
Find out more by calling us today on 01642 049 750 or email us at firstname.lastname@example.org.