Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Hackers Breach More than 1 bn Yahoo Accounts


The company revealed that they found breach of over 1 Bn user accounts, which happened in Aug. 2013. Techcrunch.com posted on December 15th, 2016, stating that this breach is believe as distinct and separate than the other data theft of 500 Mn accounts that was reported by Yahoo this September.

The hack happened in Aug. 2013. The stolen data includes the user names, date of birth, telephone numbers, encrypted passwords, and email addresses. Those passwords were scrambled up by the encryption tool known as MD5, whose crack is possible with little patience according to experts. The data, in addition, includes a few security questions as well as answers, with some of them were not encrypted.

Yahoo posted a statement on the website saying, "An unauthorized party" broke into accounts. The company believes that hacks were connected, and breaches are "state-sponsored".

Bob Lord, Chief Information Security Officer of Yahoo, wrote that the hackers are using "forged 'cookies'" - bits of code which stay in browser cache of the user, so that the website does not need to login on every visit. The cookies "could allow an intruder to access users' accounts without a password" by misidentifying anybody using them as email account owner. Lord added that breach may be linked to the proprietary code theft of Yahoo.

As per a statement of the company, Yahoo is informing potentially the affected users, along with taking steps for securing their accounts that includes asking them for changing their passwords. "Yahoo has also invalidated unencrypted security questions and answers so that they cannot be used to access an account."

Bloomberg report says that there are over 150,000 US military and government employees among victims, which is posing threat to the national security. The accounts belong to former and current White House staff, congressmen and their aides, Officials of National Security Agency, FBI agents, the Office of the Director of National Intelligence, the CIA (Central Intelligence Agency), and each branch of US military.

Law enforcement alerted Yahoo about the huge breach, and the data was examined with help from external forensic experts. Yahoo also claimed that it is informing the affected account holders of this breach. Affected users may require changing its passwords.

ยป SPAMfighter News - 12/20/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next