Yahoo announces second data breach hitting 1 billion user accounts

By on
Yahoo announces second data breach hitting 1 billion user accounts

Yahoo has announced a second, larger security breach that affected 1 billion user accounts – the biggest known data breach to date at any company.

Yahoo said the breach occurred in August 2013, with an unauthorised third party stealing data from 1 billion users, including included names, email addresses, telephone numbers, dates of birth and hashed passwords. The company said it also, in some cases, included encrypted or unencrypted security questions and answers.

Yahoo said it did not appear that hackers gained access to passwords in clear text, payment card data or bank account information.

Yahoo said it has not yet identified how the attackers penetrated its systems, though it said it now working with law enforcement. 

Yahoo said it discovered this second breach after further forensic expert analysis into the earlier breach it announced in September, which affected 500 million user accounts. It said this second and larger breach is likely distinct from the one announced earlier this year, which it attributed to nation-state attackers.

That breach also affected names, email addresses, telephone numbers, birthdays, hashed passwords, and in some cases, encrypted or unencrypted security questions and answers.

Yahoo said it is in the process of notifying users affected by the breach and will prompt them to change their passwords and security questions.

It urged all users to check their accounts for suspicious activity, change their passwords and adopt the company's authentication tool.

This article originally appeared at crn.com

Copyright © 2016 The Channel Company, LLC. All rights reserved.
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

Are Australian businesses prepared for cyber attacks?
Yes
No
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?