Attack reported in September 2016
Short Bytes: Yahoo has disclosed a new data breach on the company’s server which compromised user data of 1 billion user accounts. The attack occurred in August 2013, Yahoo says the hack didn’t involve payment card and bank account details.
Yahoo has disclosed a new data breach which is said to have occurred in August 2013. The company says the attack affected around 1 billion users and it’s separate from the attack reported in September 2016 – affecting around 500 million accounts in 2014.After analyzing the data given by law enforcement, Yahoo claims account information like names, telephone numbers, date of birth, email addresses, security questions, and hashed passwords were compromised by the attackers. However, it didn’t include data like credit card details and bank account information, as it wasn’t stored on the hacked server.In the case of the 2014 attack, Yahoo has tied links to some state-sponsored attacker, who gained access to Yahoo’s proprietary source code and created forged cookies to compromise user accounts.Verizon is already in the process of acquiring Yahoo for $4.8 billion, and the company has negotiation terms in mind due to multiple hacking incidents like this. Yahoo has also been accused of creating email scanning software to scan people’s email on behalf of the US government. It was known that Yahoo’s CEO Merissa Mayer gave a green signal without seeking any advice from the security department.