Over Billion Yahoo Accounts Been Hacked


It was known in September 2016 that 500 million Yahoo accounts have been hacked and it was confirmed by Yahoo itself.

Now Yahoo is providing few updates that as a result of a breach in August 2013, around 1 billion accounts were hacked.

How the Hack was Discovered

Bob Lord, Yahoo’s Chief Information Security Officer, told that a third party made its claim on a user of Yahoo. After analyzing data through forensic experts, it was known that it came from Yahoo.

After analysis, it was known data from more than 1 billion users was stolen by an unauthorized party. Bob told that they still haven’t been able to know the source of this incursion. They think that this incident is different from the one that was known in September 2016.

He told that the data stolen from the accounts may include email addresses, names, birth dates, telephone numbers, hashed passwords and even security questions and answers.

Bob further told that the third party was aware how to use cookies and also had access to company’s proprietary code. They used these cookies to access users’ accounts without a password.

They have told the affected account holders and false cookies have been cancelled. They think that the same state sponsored actor is behind this theft that hacked the data described in September 2016.

What Yahoo is Doing to Protect its Users

According to their claim, they have told about this problem for the affected users and they made it necessary for them to change their password in order to secure their accounts. They have also cancelled the unencrypted security questions/ answers and also the forged cookies and now they can’t be used to access the account of user.

Apart from that, Yahoo gave few tips to its users to secure their accounts that are provided below:

  • Visit our Safety Center page for recommendations on how to stay secure online.
  • Change your passwords and security questions and answers for any other accounts on which you used the same or similar information available on your Yahoo account.
  • Review all of your accounts for doubtful activity.
  • Be cautious of any unwanted communications that ask for your personal information or refer you to a web page asking for personal information.
  • Avoid clicking on links or downloading attachments from suspicious emails.
  • Consider using Yahoo Account Key, a simple authentication tool after which there will be no need to use a password on Yahoo altogether.
  • Visit the Yahoo Security Issue FAQs page.


Comments are closed.