Yahoo president and CEO Marissa Mayer speaks at an event 2015 in San Francisco.
The company said Wednesday it's found it was hit by yet another hacking attack, this time affecting more than 1 billion user accounts. That's double the number affected by a hack revealed in September.
The stolen data included users' names, email addresses, telephone numbers, dates of birth, and encrypted passwords. Those passwords are scrambled up with an encryption tool called MD5, which experts say is possible to crack with some patience. The data also included some security questions and answers, some of which weren't encrypted.;
"Yahoo is notifying potentially affected users and has taken steps to secure their accounts, including requiring users to change their passwords," the company said in a statement. "Yahoo has also invalidated unencrypted security questions and answers so that they cannot be used to access an account."
The hack occurred in August of 2013.
The breach is another black eye for Chief Executive Marissa Mayer, who joined Yahoo in 2012 amid great fanfare. The former Google executive was charged with turning Yahoo around, and tried to bring the lumbering company into the smartphone era. She's refreshed all of Yahoo's mobile apps and made big bets on mobile, but the company was never able to make much money off of her projects.
The announcement caps off a rough few months for the troubled tech giant and leaves another blemish on a company seeking to sell itself off to Verizon. When Yahoo announced a separate data breach in September, in which hackers swiped user information from half a billion accounts, it was said to be the biggest cybersecurity breach ever.
Two weeks later, the company again came under fire after a report said Yahoo built tools to surveil customers' emails for US intelligence officials.
All the while, Yahoo has been awaiting its fate with Verizon, which agreed to buy the company for $4.8 billion in July. The deal is set to close in the first quarter of next year, but Yahoo's disclosure of the previous hack had given Verizon executives pause about the deal.
It's unclear whether Wednesday's disclosure will impact the deal. Verizon didn't immediately return a request for comment about the latest data breach.
Sumit Argawal, co-founder and vice president of product management at cybersecurity company Shape Security, said increasingly damaging hacks that Yahoo has announced fits a clear pattern in companies that don't have their security locked down. Often, he said, companies and organizations start by describing their cybersecurity woes in small terms, but keep adding new casualties to the list.
"When entities have mediocre security hygiene, they inevitably end up having lost the keys to a much larger kingdom than we originally thought," Argawal said.
No comments:
Post a Comment
Is this post helpful?
Your comment(s) are highly appreciated to this post. Be the first to comment and make sure you also share to your friends and families about this post, for them to also benefit from it.
Share to all social networks like Facebook, Twitter and others social network you may know.