Top
Begin typing your search above and press return to search.
exit_to_app
exit_to_app
Homechevron_rightTechnologychevron_rightData breach affected...

Data breach affected more than 1 bn accounts: Yahoo

text_fields
bookmark_border
Data breach affected more than 1 bn accounts: Yahoo
cancel

New York: Yahoo has disclosed a new security breach that may have affected more than one billion user accounts.

The breach dates back to 2013 and is thought to be separate from a massive cyber security incident announced in September, the company revealed on Wednesday.

"For potentially affected accounts, the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers," said Bob Lord, Chief Information Security Officer, Yahoo, in a blog post.

The company previously disclosed that outside forensic experts were investigating the creation of forged cookies that could allow an intruder to access users' accounts without a password.

"Based on the ongoing investigation, we believe an unauthorised third party accessed our proprietary code to learn how to forge cookies. The outside forensic experts have identified user accounts for which they believe forged cookies were taken or used," Lord said.

Yahoo says it was notifying the account holders affected. They will be required to change their passwords.

"We have also invalidated unencrypted security questions and answers so that they cannot be used to access an account," added Lord.

Yahoo said it had connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft disclosed on September 22.

Show Full Article
TAGS:
Next Story