The Drum Awards for Marketing - Extended Deadline

-d -h -min -sec

Security Breach Media Data

‘At least’ 500M Yahoo accounts breached

Author

By Lisa Lacy | n/a

September 22, 2016 | 2 min read

Yahoo has confirmed a data breach “associated with at least 500m user accounts.”

What is next for Yahoo?

A breach at Yahoo impacts "at least" 500 million users.

A statement from CISO Bob Lord said a copy of certain user account information was stolen in late 2014 by what Yahoo believes is a state-sponsored actor.

That account information potentially includes names, email addresses, telephone numbers, dates of birth, hashed passwords and encrypted and unencrypted security questions and answers. Yahoo said its investigation suggests the information did not include unprotected passwords, payment card data or bank account information as the latter are “not stored in the system that the investigation has found to be affected."

Yahoo also said the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network and Yahoo is working with law enforcement.

In the meantime, Yahoo said it is notifying potentially affected users and asking them to change their passwords and “adopt alternate means of account verification.” It is also asking users who haven’t changed their passwords since 2014 to do so now.

In addition, Yahoo said it invalidated unencrypted security questions and answers so they cannot be used to access an account and has requested users consider its authentication tool Yahoo Account Key.

This story is developing.

Security Breach Media Data

More from Security Breach

View all

Trending

Industry insights

View all
Add your own content +