Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday December 15 2016, @10:07AM   Printer-friendly
from the who-is-next? dept.

Yahoo! has disclosed another major breach of its users' data:

Yahoo! Inc. disclosed a second major security breach that may have affected more than 1 billion users, giving an update on its probe into hacks on its system before the sale of its main web businesses to Verizon Communications Inc. The company said in a statement that it hasn't been able to identify the "intrusion" associated with this theft by a third party in August 2013.

"Yahoo believes this incident is likely distinct from the incident the company disclosed" in September, according to the statement. The shares dropped as much as 2.6 percent in extended trading after the announcement. At that time, Yahoo said the personal information of at least 500 million users was stolen in an attack on its accounts in 2014, exposing a wide swath of its users ahead of the Verizon deal. The attacker was a "state-sponsored actor," and stolen information may have included names, e-mail addresses, phone numbers, dates of birth, encrypted passwords and, in some cases, unencrypted security questions and answers, Yahoo has said.
In the 2013 hack disclosed Wednesday, Yahoo said compromised user account information may have included names, e-mail addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

The attackers might have gotten access to less info than Uncle Sam did.

Also at TechCrunch, WSJ, and Yahoo!'s Tumblr.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Scruffy Beard 2 on Thursday December 15 2016, @01:53PM

    by Scruffy Beard 2 (6030) on Thursday December 15 2016, @01:53PM (#441588)

    I find "state-sponsored actor" hard to believe because they were giving at least one state access on purpose.

    So two of Russia, France, and China are supposed to have independently broken in?

    Definitely possible, but it should not be your first conclusion.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by Scruffy Beard 2 on Thursday December 15 2016, @01:56PM

    by Scruffy Beard 2 (6030) on Thursday December 15 2016, @01:56PM (#441589)

    On their tumbler post they say:

    " We have connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016."

    That is slightly more plausible.