We have yet another blemish for Yahoo!. The former web search giant – recently sold to Verizon in July – acknowledged that 500 million accounts of its users were hacked in late 2014 probably by a state organization. This is why we recommend that you change your password as soon as possible.
What information was made public?
This Thursday, September 22, Yahoo! released information about a new scandal related to the hacking of the database at the end of 2014. According to the investigation of the company, the attack was committed by a "state-sponsored actor". This cyber-attack affects 500 million accounts and is one of the biggest attacks in recent years.
The stolen data includes:
- Email addresses of users
- Birth dates
- Phone numbers
Fortunately, the banking information of Yahoo! customers does not seem to have been taken.
Were all Yahoo! accounts affected?
Not necessarily. Yahoo! uses an encryption type called 'hashing' to protect passwords. This means that hackers have, in some cases, used powerful computers to break passwords one by one. However, many people still use passwords too easily and pirates generally use computer programs to retrieve these accounts.
Has the data been resold?
Unfortunately, it seems that data was already sold in early August. Motherboard had reported that a hacker named Peace was selling data on 200 million users of Yahoo!, including user names, birth dates, email addresses and encrypted passwords, all for three bitcoins (worth about $1,800).
If you have a Yahoo! account and you have not changed your password since 2014, Yahoo! (and AndroidPIT) strongly recommends that you change your password immediately, especially if you use the same information to login to other sites.
Do you have a Yahoo! account?