Yahoo reveals it was hit by worst hack ever in 2014; 500 million accounts affected
24 replies, posted
[quote]Hackers swiped personal information associated with at least a half billion Yahoo accounts, the internet giant said Thursday, marking the biggest data breach in history.
The hack, which took place in 2014, revealed names, email addresses, phone numbers, birth dates and, in some cases, security questions and answers, Yahoo said in a press release. Encrypted passwords, which are jumbled so only a person with the right passcode can read them, were also taken.
The internet pioneer, which is in the process of selling itself to Verizon, said it's "working closely" with law enforcement. It called the hackers a "state-sponsored actor," though it didn't identify a country behind the breach.
Yahoo urged users to change their passwords if they haven't since 2014. The company has 1 billion monthly active users for all its internet services, which span finance, online shopping and fantasy football. Its mail service alone has about 225 million monthly active users, Yahoo told CNET in June.
The hack serves as a reminder of how widespread hacking is and highlights the vulnerability of passwords. Cybersecurity specialists recommend using a different password for each account you have on the internet. Other experts are working on alternatives to passwords, such as biometrics like your fingerprint or retina.
"Cybercriminals know that consumers use the same passwords across websites and applications, which is why these millions of leaked password credentials are so useful for perpetuating fraud," said Brett McDowell, executive director of the FIDO Alliance, an organization that vets the security of password alternatives. "We need to take that ability away from criminals, and the only way to do that is to stop relying on passwords altogether."[/quote]
[url]https://www.cnet.com/news/yahoo-500-million-accounts-hacked-data-breach/[/url]
[url]http://fortune.com/2016/09/22/yahoo-hack-qa/[/url]
[url]http://www.usatoday.com/story/tech/2016/09/22/report-yahoo-may-confirm-massive-data-breach/90824934/[/url]
Oh boy that sure would've been nice to know 2 years ago.
sigh.
When isn't Yahoo getting hacked. Seriously.
I've just started using LastPass to manage my passwords and importing all my saved passwords from Firefox made me realize I had like 100 accounts essentially using the same pass/email combo. How I haven't been hacked yet is a mystery in and of itself. Been taking the time to either delete accounts or make a unique password for each one. It's time consuming but I do feel much safer.
Good thing I use unique password and 2-factor
There goes my old yahoo account then I guess. Glad I don't use the same password as it, they can enjoy whatever my middle school self signed up to with it.
Well if it was that long ago then it's useless to change my password yet again. I dunno why I still hang onto Yahoo, probably because I have so many things tied to it that I don't want to have to transfer all of that manually.
Aw shit not my yahoo account I used when I was like 10
[QUOTE=StrawberryClock;51091816]I've just started using LastPass to manage my passwords and importing all my saved passwords from Firefox made me realize I had like 100 accounts essentially using the same pass/email combo. How I haven't been hacked yet is a mystery in and of itself. Been taking the time to either delete accounts or make a unique password for each one. It's time consuming but I do feel much safer.[/QUOTE]
ditto
I fucking knew it wasn't my fault for having my email hacked. Thankfully it was just a throwaway I use for games.
Pretty pathetic effort only discovering such a massive breach 2 years too late.
2 Factor on anything that matters (like primary email, anything with buying/bank power) goes a long way. Turn it on whenever you can, the minor inconvenience makes a massive difference.
I'm curious how this affects ISPs. At least 3 around my parents use yahoo for user email.
[QUOTE=RenegadeCop;51092719]Should be illegal to withhold this information from users, if that's what they did for so long[/QUOTE]
It is within EU at least
[QUOTE=RenegadeCop;51092719]Should be illegal to withhold this information from users, if that's what they did for so long[/QUOTE]
They usually don't know until the hackers release the infodump somewhere.
I don't know if that's the case here though
[QUOTE=FalconKrunch;51093526]They usually don't know until the hackers release the infodump somewhere.
I don't know if that's the case here though[/QUOTE]
Apparently the hack was state sponsored, so that's why their was no info dump.
it doesn't matter, yahoo is crap anyways.
only yahoo answers which started a meme
[QUOTE=tomatmann;51093573]it doesn't matter, yahoo is crap anyways.[/QUOTE]
It doesn't matter. Except to the hundreds of millions of people who were affected by it... What a completely moronic thing to say.
I outright deleted my old yahoo account like a year ago.
They can have my account, it's not like I remembered the password to it anyways since I haven't logged into it in over 8 years
Maybe they can tell me.
Sucks for everyone else though that might still use Yahoo for some reason
So this is why russian people have been logging into my account every few months and sending political russian emails to all of my 13 year old contacts.
[QUOTE=Alice3173;51094970]It doesn't matter. Except to the hundreds of millions of people who were affected by it... What a completely moronic thing to say.[/QUOTE]
worth noting that they probably don't have hundreds of millions of unique people
[QUOTE=Map in a box;51097461]worth noting that they probably don't have hundreds of millions of unique people[/QUOTE]
That's kinda missing my point. It affected half a billion accounts; regardless of whether they were owned by half a billion people or not it's not something that simply doesn't matter as tomatmann was trying to claim.
Sorry, you need to Log In to post a reply to this thread.