[NEWS] Yahoo Hacked

[Spoetnik]

Yahoo hack 'shocking'
The Canadian Press - Sep 22, 2016 / 3:39 pm | Story: 176601

Computer hackers swiped personal information from at least 500 million Yahoo accounts in what is believed to be the biggest digital break-in at an email provider.

The massive security breakdown disclosed Thursday poses new headaches for beleaguered Yahoo CEO Marissa Mayer as she scrambles to close a $4.8 billion sale to Verizon .

The breach dates back to late 2014, raising questions about the checks and balances within Yahoo — a fallen internet star that has been laying off staff and trimming expenses to counter a steep drop in revenue during the past eight years.

At the time of the break-in, Yahoo's security team was led by Alex Stamos, a respected industry executive who left last year to take a similar job at Facebook.

Yahoo didn't explain what took so long to uncover a heist that it blamed on a "state-sponsored actor" — parlance for a hacker working on behalf of a foreign government.

The Sunnyvale, California, company declined to explain how it reached its conclusions about the attack for security reasons, but said it is working with the FBI and other law enforcement. Yahoo began investigating a possible breach in July, around the time the tech site Motherboard reported that a hacker who uses the name "Peace" was trying to sell account information belonging to 200 million Yahoo users.

Yahoo didn't find evidence of that reported hack, but additional digging later uncovered a far larger, allegedly state-sponsored attack.

"We take these types of breaches very seriously and will determine how this occurred and who is responsible," the FBI said in a Thursday statement.The Yahoo theft represents the accounts ever stolen from a single email provider, according to computer security analyst Avivah Litan with the technology research firm Gartner Inc.

"It's a shocking number," Litan said. "This is a pretty big deal that is probably going to cost them tens of millions of dollars. Regulators and lawyers are going to have a field day with this one."

Source = http://www.castanet.net/edition/news-story-176614-5-.htm#176614

You may want to check https://haveibeenpwned.com

[bitkilo]

Yeah i heard this on the radio this morning, some company rep saying users should change their passwords ASAP.
They said the hack happened in 2014 so why are we just finding out about it now?

[Gleb Gamow]

http://www.bloomberg.com/news/articles/2016-09-23/yahoo-tipped-off-to-hack-by-report-of-data-dump-on-dark-web

The continuing investigation doesn’t indicate theft of payment card data or bank account information, or unprotected passwords, the company said.

That's a relief! For a second there I thought that my unprotected passwords where compromised. I'll be able to sleep better tonight knowing that such isn't the case. For those wondering: P@55w0rD is my password. Crack that, bitches!

[Spoetnik]

I had one i think back in 2001'ish ..i doubt the account still exists today.
Interesting is they are going through final details to sell Yahoo to Verizon.
Just a coincidence ?

I feel sorry for Yahoo and AskJeeves and DogPile, MSN and all those others back in the day.
Who lost the popularity war to Google.. the small university project with a few spiders and a few lines of HTML with a form.
(which sold for a little over a billion dollars if my memory is correct)
I was actually using Google back then trying to convince everyone i knew to switch to it with much resistance.
All older users i knew were on MSN back then.

Ahhh the good old days ..good ? LOL

If this hack happened in 2014 then the story i posted (from my local town website news page)
says it stretched back to 2013.. so it was a lengthy large breach of security for sure.

[krack-r]

So what? No banking data has been leaked.

[HotJava]

I think i have a yahoo account buried some where, its scary to think they hid this news.

[Powerbunny]

Pretty scary to think how large the hack is, and particularly at a time when they're getting acquired..

[Vinz24]

I also heard on the news but ĺuckily no bank data was leaked. It is better you choose different password and secret question on different site, so all of your account is secured. Many of users is still using the same password in their account.

[cryptor0th]

This is a rather unfortunate event and if anything is an indicator of noone being secure from security breaches. What I personally find rather hard to believe is the delay in them letting the public know about this. This is a rather good display of how corporate entities hide facts towards their benefits to mitigate trouble. I doubt that this something to do with their acquisition (non disclosure of breach working towards their interest). Anyways, this is a rather unfortunate event and I can only imagine what might be going on with the dumps right now.

[bitcoin-shark]

this is a bad thing i just change my password hope i do it on time

[Spoetnik]

So what? No banking data has been leaked.

So they say.. get it ?

[CoolJakeB]

It is scary to think that anything that we do online can be hacked and all of our personal information can be stolen. I do have a Yahoo email account and have no idea who has that information now. That is another reason why I like Bitcoin, because of the anonymity to it, and not having to give any personal info to get started.

[Gleb Gamow]

So what? No banking data has been leaked.

So they say.. get it ?

At least no unprotected passwords were comprised. So they say.

Hacker: Well, that was easy. I'll just take the 500K user account vitals sans unprotected passwords and banking data.

[jstern]

How many of those emails are from spammers?

[jstern]

http://www.bloomberg.com/news/articles/2016-09-23/yahoo-tipped-off-to-hack-by-report-of-data-dump-on-dark-web

The continuing investigation doesn’t indicate theft of payment card data or bank account information, or unprotected passwords, the company said.

That's a relief! For a second there I thought that my unprotected passwords where compromised. I'll be able to sleep better tonight knowing that such isn't the case. For those wondering: P@55w0rD is my password. Crack that, bitches!

You still have to worry about making sure that your password and secret question is not the same fore other sites.

[dx5]

I haven't used Yahoo in over ten years. Though I did check a couple of months ago if Aim worked.