DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
December 12, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 57 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Yahoo just discovered 1 billion accounts got hacked 3 years ago!

Posted on Thursday, December 15 2016 @ 14:08:29 CET by


Yahoo logo
We seriously have no idea what's going on at Yahoo but it seems like the people in charge have long left the deck. A couple of months ago news emerged that 200 million Yahoo user accounts got hacked in late 2014 but that number quickly ballooned to "over 500 million" accounts. The search company attributed the hack to a state-sponsored actor and confessed lots of private details were breached.

Can it get any worse than that? Absolutely because Yahoo just announced it discovered it was the victim of an even bigger data breach in August 2013. More than 1 billion user accounts were affected by this breach, making it the single largest hack in history.

Stolen data may have included names, e-mail addresses, phone numbers, dates of birth, hashed passwords, and encrypted or unencrypted security questions and answers. Yahoo says payment-card data and bank account information was not impacted because it was stored in a different system.

As Reuters reports, Yahoo has no idea who was behind this attack or how they got in. This implies the attackers may still have access to Yahoo's systems.
Yahoo was tentative in its description of new problems, saying the incident was "likely" distinct from the one it reported in September and that stolen information "may have included" names, e-mail addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

It said it had not yet identified the intrusion that led to the massive data theft and noted that payment-card data and bank account information were not stored in the system the company believes was affected.
The company also admitted it discovered a vulnerability that allowed hackers to forge cookies to gain access to user accounts without needing to know the password:
Yahoo also said Wednesday that it believes hackers responsible for the previous breach had also accessed the company’s proprietary code to learn how to forge "cookies" that would allow hackers to access an account without a password.
Yahoo send an e-mail to its users and forced a password reset. It's better than nothing but it's still weird such a huge breach goes undetected for three years. Either way, given these two separate incidents I don't think I would ever entrust any data to Yahoo again.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba