Arthur J. Villasanta – Fourth Estate Contributor
Sunnyvale, CA, United States (4E) – Yahoo! yesterday confirmed that all three billion of its user accounts (and not one billion as it admitted at first) were hacked during a massive and unprecedented security breach in August 2013.
That embarrassing cyberattack, which Yahoo! first revealed only in December 2016, is now verified as the largest known breach of its kind in the history of the Internet.
Yahoo! said the cyber break-in was conducted by an “unauthorized third party” that stole names; email addresses; telephone numbers; encrypted or unencrypted security questions and answers; dates of birth; hashed passwords (using MD5) and unencrypted security questions and answers, in some cases.
The data was stolen from all those with Yahoo emails, and all those that registered for any other Yahoo service like Flickr.
Yahoo! believes the hackers probably used manufactured web cookies to falsify login credentials. This clever piece of subterfuge allowed hackers to gain access to any account without a password.
Yahoo! was slammed for its late disclosure of the breach three years later. It’s currently facing several lawsuits, as well as investigation by the United States Congress.
Yahoo! sought to mitigate the impact of the unparalleled cyber theft by claiming it “took action to protect all accounts.”
It said it notified impacted users “identified at the time;” required password changes and invalidated unencrypted security questions and answers so they couldn’t be used to access an account.
Yahoo! claims that because of these actions, “No additional notifications regarding the cookie forging activity are being sent in connection with this update.”
“The investigation indicates that the information that was stolen did not include passwords in clear text, payment card data, or bank account information. Payment card data and bank account information are not stored in the system the company believes was affected,” said Yahoo!
Article – All Rights Reserved.
Provided by FeedSyndicate
