Yahoo Reveals 500 Million Users Are Affected by Data Breach … From 2014
Regular reminder to change your password! Yahoo suffered a security breach back in late 2014, and in August of this year, a hacker named “Peace” was found to be shopping around 200 million usernames and passwords for sale online. Now, Yahoo has revealed that the data breach affected as many as 500 million users and compromised a lot of information, though reportedly not financial data.
In a help post geared towards users trying to figure out how much danger their information is in, Yahoo said that the breach included, “names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.” Yahoo doesn’t believe any unencrypted passwords were involved, and they say that bank and bank card information isn’t even stored in the same system as the one affected.
Still, they recommend that any users who are concerned about their data should change their passwords anyway, and BBC News says that UK Internet Service Providers that use Yahoo as the basis for their users’ email accounts have also urged password changes. Hopefully, everyone has already changed their password since 2014 already, being that it’s almost 2017, but who has the patience to change all their passwords regularly?
Yahoo says they believe the attack to be “state-sponsored,” but they’re not clear on exactly what government is behind it. The FBI is looking into those claims, but it’s unnerving that it took until now to warn users about a data breach that happened so long ago, and seemingly only because the data going on sale let the cat out of the bag. Even Verizon, currently in the process of purchasing Yahoo, only became aware of the breach “within the last two days,” as they told the BBC.
The once mighty Internet company has been fighting for relevance for a while, but I’m not sure hiding a massive data breach for years is the ideal way to achieve it.
Want more stories like this? Become a subscriber and support the site!
—The Mary Sue has a strict comment policy that forbids, but is not limited to, personal insults toward anyone, hate speech, and trolling.—
Have a tip we should know? email@example.com