A security breach that has been around for more than 3 years allowed a hacker to access more than a billion Yahoo accounts – besting the company’s own shameful record for the largest security breach in history.
The hacking happened way back in August of 2013, more than 12 months before another hack Yahoo encountered, but was just announced almost half a year ago. The previously announced breach had more than 500 million affected users, the previous record holder for largest hack.
These two breaches happened to take place since Marissa Mayer’s was hired as Yahoo’s CEO in 2012 – tarnishing a once promising hire for the tech giant. Verizon was set to acquire Yahoo earlier this year, but because of these fiascos, the price tag decreased, according to sources close to the deal.
Yahoo would not disclose much about the attacks, not confirming whether the same hacker or hackers were responsible for the attacks. They did say that the 2014 attack on their system was connected to an unknown foreign government – adding that the 2013 hack could not be connected to a specific source.
Verizon was set to acquire Yahoo earlier this year, but the price tag has decreased because of recent developments.
Yahoo has at least 1 billion regular users a month, and while the exact number of affected users have not been released, authorities said that the data stolen included user names, email addresses, contact numbers, birthdays, and security questions and answers.
Although the thought of hackers having access to passwords might seem dire, Yahoo stated that banking and credit card information were not stolen in the attacks.
The passwords should technically be secure, Yahoo said they go through encryption and hashing, but hackers have employed much more sophisticated approaches – applying stolen databases to crossmatch with the logins.
This development could spell even more bad news for users who have the same login data for other online accounts as hackers might hack into them, too. Yahoo required users to reset their passwords and other security information for their accounts to make sure the hackers do not have access to them or their other accounts.
Authorities, on the other hand, said that the foreign government-related attack was likely done to fish for data on specific targets. Moreover, it appears the stolen Yahoo data had not been posted on any of the online black markets – leading experts to believe that it was most likely not done by ordinary cybercriminals.
These recent revelations surely affect Yahoo’s and Verizon’s deal as the communications giant planned to make use of Yahoo’s database to build their digital advertising.
When the hacking story first went online, Verizon announce that they would be reevaluating their deal with Yahoo, reviewing the “new development before reaching any final conclusions.” In addition, the negotiations between the two would definitely be in favor of Verizon, at least.
Yahoo added that the hacking did not directly affect the traffic to their services, saying that the original terms of the deal should push through. Investors seemed to be worried as Yahoo shares fell 2% right after the disclosure of the latest hackings.
Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.