Business Insider reports that a compromise of Yahoo! that had been acknowledged to affect "at least 500 million" accounts may have affected significantly more. Citing an unnamed "former Yahoo executive familiar with its security practices," the story says that the company's "main user database, or UDB" which stores the details for users of several of the company's services, was compromised. If the entire database were copied, information on one to three billion accounts could have been stolen.
Previously:
Amid Fallout from Hack and Spying, Yahoo! Disables Email Forwarding
In Yahoo Breach, Hackers May Seek Intelligence, Not Riches
500 Million Yahoo Accounts Hacked
(Score: 0) by Anonymous Coward on Friday October 21 2016, @11:48AM
I have a yahoo account - I have not heard anything from Yahoo about this. So I presume I was not in the 1-3 Billion accounts that were affected. In any case, I have not been advised to change my password or anything else.
Would someone at least be able to tell me if I should change password?
What potentially was leaked from my account? All emails? Password? Contacts?
(Score: 0) by Anonymous Coward on Friday October 21 2016, @07:25PM
What you should do is switch to a different email provider.
(Score: 2) by butthurt on Friday October 21 2016, @07:29PM
According to Yahoo!'s chief information security officer,
The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.
-- https://yahoo.tumblr.com/post/150781911849/an-important-message-about-yahoo-user-security [tumblr.com]