To misquote Lady Bracknell, “For Yahoo to be hacked once may be regarded as a misfortune; to be hacked twice looks like carelessness.” Not content with having 500k user accounts breached in 2014, it now appears that more than one billion could have suffered the same fate a year earlier – breaking all previous data breach records.
Yahoo states that names, phone numbers, passwords and email addresses were stolen; but not bank and payment data. This latest debacle has thrown into doubt telecom giant Verizon’s $4.5bn bid for the California-based internet company – and the viability of the email provider service as a whole. Yahoo suggests that the hack might be state-sponsored, but cyber security experts are sceptical. Apparently, passwords were being protected via an old hashing process called MD5, the security of which had been discredited as far back as the mid-2000’s.
Yahoo account users should change their passwords and security questions as a matter of urgency, but experts point out that much of the damage will already have been done, and raise the possibility that many of the hacks of the past 1-2 years could easily have originated with the Yahoo breach.
Read more at http://www.bbc.co.uk/news/world-us-canada-38324527