+ Sunday December 15th, 2019

After announcing a data breach affecting 500 million users in September, Yahoo has today announced a second breach this time affecting 1 billion accounts.

The breach announced today occurred in August 2013, an earlier hack than the previous hack which occurred in 2014. According to the blog post today, the hack in 2013 ‘may have included’ data such as ‘names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers’.

The breach wasn’t discovered by Yahoo themselves, in fact the company was informed of the breach by law enforcement, with Yahoo unable to determine how the data was stolen. In the blog post, Bob Lord, Yahoo’s Chief Information Security Officer (CSIO) said ‘We have not been able to identify the intrusion associated with this theft’.

The information included passwords hashed using MD5 encryption, though this method of salting passwords has been passed over in recent times as a non-secure method. Yahoo has advised that they will be contacting affected account holders.

If you’re using any of the number of Yahoo services available on the Web or on Google Play it’s time to check into your security. If you aren’t already we highly recommend you stop using that same old password on every site and start looking at using a password manager application such as LastPass, KeyPass or any one of the many available.

Source: Yahoo.

Daniel Tyson  

Daniel Tyson

Daniel is a former editor of Ausdroid, and left in February 2019.

newest oldest most voted
Notify of
Paul Warner
Ausdroid Reader

Why do they announce this 3 years after the damage was done?

Dean Rosolen
Ausdroid Reader
Dean Rosolen

Because they were only informed of the breach by law enforcement. If they’d found the breach themselves, they would’ve taken action sooner.

Check Also

Real time Interpreter mode rolling out to Google Assistant on smartphones now, Australia included

Earlier this year Google Assistant on smart speakers received the ability to translate conversations in …