In the wake of criticism and security concerns over Yahoo’s 2014 breach, the internet giant came forward in a statement yesterday revealing that they had been victims of an aparent hack that impacted over 1 billion user accounts. They go on to state that,
“For potentially affected accounts, the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.
The investigation indicates that the stolen information did not include passwords in clear text, payment card data, or bank account information. Payment card data and bank account information are not stored in the system the company believes was affected.”
According to Yahoo these breaches took place in August 2013 and only found out yesterday. They go on to relate that this attack was likely perpetrated by hackers forging cookies to gain unauthorized access to user accounts. This level of exploit is only available with a knowledge of Yahoo’s proprietary code.
In light of these recent events, it is recommended that Yahoo account holders immediately change their passwords and security questions to ensure they are protected. In my opinion, I would recommend moving away from Yahoo due to their repeated security breaches. There is speculation as to the impact this revelation will have on Verizon’s $4.8 billion dollar purchase set to finalize in the beginning of 2017 and Verizon spokesperson Bob Varettoni commented on the matter stating,
“As we’ve said all along, we will continue to evaluate the situation as Yahoo continues its investigation,” Verizon said in a statement Wednesday. “We will review the impact of this new development before reaching any final conclusions.”
This goes to show you that IT security is a critical aspect of a modern business – especially in today’s internet connected world. If you want to make sure your company doesn’t end up like Yahoo, contact us for a network assessment to expose actionable information to secure your business.