Former Google competitor Yahoo! disclosed yesterday that it has discovered what is potentially history’s largest data breach, affecting more than one billion user accounts and dating back to August 2013.
The news comes just two months after Yahoo confirmed rumors of a massive security breach affecting at least 500 million Yahoo Mail users in September, though this breach is reportedly separate from the former, according to a statement from Yahoo CISO Bob Lord.
Yahoo was first notified of the massive breach by law enforcement, who provided the company with data files that a third party had claimed was Yahoo user data. Then, with the help of “forensic experts,” the search-co examined the data and determined that it had been obtained by an “unauthorized third party,” according to Lord.
As of yet, the company has not been able to figure out just how the data of its one billion-plus users were stolen, says lord. “We have not been able to identify the intrusion associated with this theft.”
Stolen user account information potentially included names, email addresses, phone numbers, dates of birth, MD5 hashed passwords, and even encrypted security questions and answers. Luckily, payment card data was not affected in the breach.
Yahoo says it is alerting compromised account holders of the breach and will require them to change their passwords.
Widget not in any sidebars
Latest posts by Jeff Edwards (see all)
- Six Endpoint Security Vendors to Watch in 2018 - November 28, 2017
- Bitdefender Releases Cloud-Based Endpoint Detection and Response Tool - November 13, 2017
- CrowdStrike Adds Vulnerability Management Module to It’s Endpoint Protection Platform - November 10, 2017