Hacked: Hacking Finance


Breaking: Yahoo Admits to Data Breach of 500 Million(!) User Accounts

Posted on .

Breaking: Yahoo Admits to Data Breach of 500 Million(!) User Accounts


This article was posted on Thursday, 20:05, UTC.

Yahoo has revealed that information related to at least 500 million user accounts were stolen from its network in a 2014 incident. The perpetrator, the company believes, was a state-sponsored hacker.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

In a significant announcement, Yahoo has revealed that the information of some 500 million user accounts have been impacted and stolen from a 2014 data breach, contrary to earlier indicators that the breach impacted 200 million user accounts from a 2012 cyberattack.

The stolen account information includes:

  • Names
  • Email addresses
  • Telephone numbers
  • Dates of birth
  • Hashed passwords (a significant majority which bcrypt hash)
  • Encrypted or unencrypted security questions and answers.

A press release confirmed the affected number of accounts, over a staggering half a billion user accounts.

Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network.

Yahoo has further stated that it is notifying users who were potentially affected by the breach, with details to secure their accounts. Recommendations include changing account passwords and the security questions and answers on any other online user account, if they’re the same as that of the impacted Yahoo account.

If you haven’t changed your Yahoo passwords already after rumblings of a possible breach, details of which surfaced last month, you should now.

John Peterson, vice president and general manager of security firm Comodo Enterprises states that a good password habit can be prove critical to an individual’s online security.

“End users can help protect themselves by staying on top of their own password hygiene. They should use strong passwords – a combination of uppercase, lowercase and special characters – and make them longer than they’d like them to be,” he said in an email to Hacked.  “Also, everyone should be aware of what’s going on. If an organization that you interact with reports a breach, don’t wait to update your password. Do it immediately.”

No details have been revealed about the state-sponsored hacker accused by Yahoo to be behind the breach.

Featured image from iStock/maybefalse.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

There are no comments.

View Comments (0) ...
Silicon Valley is going to war against disease, cancer, aging,…