Yahoo attacked
It is now revealed that personal information of at least 500 million users of Yahoo was stolen in an attack on its accounts in 2014. Yahoo said today (23rd) in a statement that stolen information may include names, e-mail addresses, phone numbers, dates of birth, encrypted passwords and, in some cases, un-encrypted security questions and answers. It is said that payment card data or bank account information, or unprotected passwords have not been affected.
The attack is thought to be the largest ever in terms of user accounts and Yahoo suspects that the attacker could be ‘state sponsored’. However, according to Yahoo “there’s no evidence the attacker is still in the network”.
Now claims have surfaced, specially in early August, that a hacker using the name "Peace" was trying to sell personal information of Yahoo account users on the dark web, a black market of thousands of secret websites.
Yahoo, says about 1 billion people globally engage with one of its properties each month, said it was notifying potentially affected users and taking steps to secure their accounts, such as invalidating un-encrypted security questions and answers. It asks users who haven't changed their passwords since 2014 should do so immediately..
About 250 million use Yahoo Mail, while another 81 million use Yahoo Finance and tens of millions use Yahoo Fantasy Sports.