Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Customer Data / Yahoo Confirms Huge Data Breach
Yahoo Confirms Details of Massive Data Breach
Yahoo Confirms Details of Massive Data Breach
By Shirley Siluk / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
22
2016
With just months to go before it's set to be acquired by Verizon for $4.83 billion, Yahoo confirmed today that a massive data breach four years ago affected some 500 million Yahoo users.

First reported by Motherboard in early August, the breach came to light after the Yahoo credentials were listed for sale on the dark web. Offered by a hacker using the name "Peace" for the price of three bitcoins (about $1,800), the user data appeared to have been taken in a breach that occurred in 2012.

"We are aware of a claim," a Yahoo spokesperson first told us on August 2. "We are committed to protecting the security of our users' information and we take any such claim very seriously."

Confirmation Anticipated, Then Confirmed

In a report published earlier today, tech site re/code cited "several sources close to the situation" who said Yahoo would soon confirm the 2012 massive breach of user accounts. Noting that legal action and government investigations were likely, those sources told re/code the breach was widespread and serious. "It's as bad as that," according to one source. "Worse, really."

Security developer Troy Hunt was among those closely watching the Yahoo developments today. Hunt, who runs the breach-related Web site, "Have I been pwned?," noted in several tweets today that he and others had received email or sign-on notifications from Yahoo recommending a change in passwords to secure their accounts.

"More Yahoo breach indicators (this could happen any time, but a lot of signals lining up at once right now)," Hunt said on Twitter earlier this morning.

Official confirmation came mid-day today, when Yahoo chief information security officer Bob Lord confirmed in a post on the company's Tumblr account that "information associated with at least 500 million users accounts was stolen" in late 2014 by someone believed to be a "state-sponsored actor."

Lord said Yahoo is working closely with law-enforcement authorities but believes the stolen information did not include unprotected passwords, payment card data or bank account information. Yahoo is taking a number of actions to protect its users, he added, and is urging users to change their passwords, security questions and answers if they haven't done so since 2014.

Verizon Closing Set for Early 2017

Announced in July, the pending sale of Yahoo to Verizon would see the telco gain a digital media property with more than 1 billion monthly active users. Verizon is expected to tap into that user base and the advertising opportunities it offers to fuel new growth as its own mobile services business continues to shift.

Set to be finalized in the first quarter of 2017, the all-cash deal would expand Verizon's holdings with the addition of Yahoo's online news, finance and sports properties. Verizon would also gain Yahoo's 225 million email service users as well as its advertising technology assets such as Brightroll, Flurry and Gemini.

Verizon made a similar acquisition in 2015, when it purchased AOL for $4.4 billion. That transaction expanded Verizon's portfolio with the addition of digital properties including The Huffington Post, TechCrunch and Engadget, as well as AOL.com.

"The addition of Yahoo to Verizon and AOL will create one of the largest portfolios of owned and partnered global brands with extensive distribution capabilities," Verizon said in its July 25 announcement. "Combined, AOL and Yahoo will have more than 25 brands in its portfolio for continued investment and growth."

Verizon's Response to the Breach

A spokesperson for Verizon emailed us this afternoon with the following statement: "Within the last two days, we were notified of Yahoo's security incident. We understand that Yahoo is conducting an active investigation of this matter, but we otherwise have limited information and understanding of the impact.

"We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities. Until then, we are not in position to further comment."

Editor's note: This story was updated to include Yahoo's confirmation and Verizon's response.

Tell Us What You Think
Comment:

Name:

Shirley Siluk:
Posted: 2016-09-22 @ 12:16pm PT
Update 2:

A spokesperson for Verizon emailed us this afternoon with the following statement: "Within the last two days, we were notified of Yahoo's security incident. We understand that Yahoo is conducting an active investigation of this matter, but we otherwise have limited information and understanding of the impact. We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities. Until then, we are not in position to further comment."

Shirley Siluk:
Posted: 2016-09-22 @ 12:14pm PT
Update:

Later today, Yahoo chief information security officer Bob Lord confirmed in a post on the company's Tumblr (https://yahoo.tumblr.com/post/150781911849/an-important-message-about-yahoo-user-security) that "information associated with at least 500 million users accounts was stolen" in late 2014 by what is believed to be a "state-sponsored actor." Lord said Yahoo is working closely with law-enforcement authorities but believes the stolen information did not include unprotected passwords, payment card data or bank account information. Yahoo is taking a number of actions to protect its users, he added, and is urging users to change their passwords, security questions and answers if they haven't done so since 2014.

Like Us on FacebookFollow Us on Twitter
MORE IN CUSTOMER DATA

NETWORK SECURITY SPOTLIGHT
Britain's cybersecurity agency has told government departments not to use antivirus software from Moscow-based firm Kaspersky Lab amid concerns about Russian snooping.

CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.