The infamous hacking incidents of the recent past has come to haunt us again with Yahoo announcing over a billion of its user’s accounts having been compromised in August 2013. If not the scale of the attack, the revelation couldn’t have come at a worse time as well given that Yahoo is in advanced stages of being acquired by Verizon at the moment.
What tarnishes Yahoo’s credibility, all the more, is that the company wouldn’t even have been aware of the hack had law enforcement agencies not presented the company with user information which they believed belonged to Yahoo. No wonder, the company’s shares suffered a drop of 2.7 percent post the revelation.
Among the information that hackers are believed to have, had access to including the names, e-mail ids, hashed passwords, telephone numbers, birth dates along with security questions and answers, both encrypted and unencrypted. Fortunately for the Yahoo users, their bank account details including credit/debit card details as well as clear text passwords seems to have remained out of the purview of the attack.
There have been similar hacking incidents reported in June this year by companies like LinkedIn, MySpace, and Tumblr. Hackers then had even put up the personal details of millions on sale for use by other prospective hackers.
This also makes nearly half of Yahoo users whose personal details have been stolen several times now. In another hack discovered late in 2014, more than 500 million Yahoo user accounts were found compromised.
Yahoo meanwhile stated the usual damage control measures have already been initiated. These include mandatory password changes while unencrypted security questions and answers have been rendered invalid.
As for the modus operandi of the attack, Yahoo said that an external source investigating the breach revealed the hackers might have gained access to proprietary code that they used to forge cookies. The investigation is however yet to confirm if the 2013 security breach that has come to light now is similar to the attack which was revealed earlier but happened in 2014.
Yahoo had then stated the 2014 attack seems to be a state-sponsored act and had access to more or less the same data set of the users.
Yahoo’s impending takeover by Verizon does not seem to be affected as of now as experts believe it is the public details stored at Yahoo that has been revealed. However, the deal price might still take a hit if the public perception towards Yahoo undergoes a drastic change. Further, Yahoo’s resilience to prevent any such attacks in future will no doubt come under heavy scrutiny as well.
Yahoo Hacked: What to do?
We request all Yahoo users to change their passwords. Follow the instructions to change the password.
- Go to the Yahoo Account Info page.
- (Mobile web browser only) tap the Menu icon .
- Click Account Security.
- Click Change password.
- Enter and confirm your new password.
- Click Continue. – A confirmation appears.
- Click Continue to finish.