Billions of Yahoo users suffered a severe blow when it was found that a massive cyber attack had targeted the internet giant. The company revealed that 1 Billion accounts had been compromised and this apparently also hurt the Yahoo-Verizon deal which was then underway. Newer reports, however, confirm that a staggering 3 Billion Yahoo user accounts have been compromised.
This literally translates into the fact that nearly every Yahoo account active in 2013 was compromised. The new intelligence has been obtained from external forensic experts. If you had a Yahoo account in 2013, it is quite possible that you were one among the victims. The company is currently facing nearly 42 consumer class-law suit actions across both US federal and state courts. However, the investigation shows that no payment details including credit card or bank information were compromised.
The worst part, however, is that Yahoo has been accused of employing an outdated encryption method that was relatively easier to break into. Oath (the Verizon company that owns Yahoo) has said that it will begin notifying the other 2 billion users over the course of next few days, but we doubt its usefulness.
This is what Chandra McMohan, Verizon Chief of Information Security Officer had to say “Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats.” He further added that “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”
Let us take a look at all the type of user data that has been compromised until now, username, phone numbers, date of births, hashed passwords and security questions and answers. The security questions can be used by the hackers to gain access to other accounts as well. In a nutshell, Yahoo users are advised to reset not only their passwords but also the other details like security questions and answers.