Thursday , August 24 2017

Yahoo announces another data breach, this time affecting 1 billion accounts

Yahoo
After announcing a data breach affecting 500 million users in September, Yahoo has today announced a second breach this time affecting 1 billion accounts.

The breach announced today occurred in August 2013, an earlier hack than the previous hack which occurred in 2014. According to the blog post today, the hack in 2013 ‘may have included’ data such as ‘names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers’.

The breach wasn’t discovered by Yahoo themselves, in fact the company was informed of the breach by law enforcement, with Yahoo unable to determine how the data was stolen. In the blog post, Bob Lord, Yahoo’s Chief Information Security Officer (CSIO) said ‘We have not been able to identify the intrusion associated with this theft’.

The information included passwords hashed using MD5 encryption, though this method of salting passwords has been passed over in recent times as a non-secure method. Yahoo has advised that they will be contacting affected account holders.

If you’re using any of the number of Yahoo services available on the Web or on Google Play it’s time to check into your security. If you aren’t already we highly recommend you stop using that same old password on every site and start looking at using a password manager application such as LastPass, KeyPass or any one of the many available.

 
Source: Yahoo.

Daniel Tyson   Editor

Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

Join the Ausdroid Conversation

2 Comments on "Yahoo announces another data breach, this time affecting 1 billion accounts"

avatar
Sort by:   newest | oldest | most voted
Member

Why do they announce this 3 years after the damage was done?

Member
Dean Rosolen

Because they were only informed of the breach by law enforcement. If they’d found the breach themselves, they would’ve taken action sooner.

wpDiscuz

Check Also

Samsung is releasing Bixby’s voice capabilities in 200 countries today

After launching in the US last month, Samsung has announced they’re expanding Bixby’s voice capabilities …