Yahoo confirms 2014 hack, says 500 million users' information stolen
Washington, Sept 23: Yahoo has confirmed that hackers stole information from at least 500 million user accounts in what it describes as a "state-sponsored" attack.
In a statement released on Thursday, Yahoo's Chief Information Security Officer Bob Lord said that the information was stolen from the company's network in late 2014, Fox News reported.
"The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers," he said.
However, an ongoing investigation into the hack suggests that stolen information did not include unprotected passwords, payment card data, or bank account information, according to Lord. Payment card data and bank account information are not stored in the affected system, he added.
The investigation has found that the attacker is no longer in Yahoo's network. The internet giant said that it is working with law enforcement.
Early on Thursday Recode reported that Yahoo was set to confirm a major data breach impacting hundreds of millions of users.
Shuman Ghosemajumder, Chief Technology Officer of Shape Security, warns that the shockwaves from the breach could be felt far beyond Yahoo.
"Most stories will focus on Yahoo users, but the damage there appears to have been done months ago, and Yahoo will simply reset all their passwords so no further damage can be done," he said, in a statement emailed to FoxNews.com.
"The real issue now is that these passwords will be used to breach thousands of other websites unrelated to Yahoo."
Cybercriminals, he explained, could use advanced automated tools to discover where users have used those same passwords on other sites.
The breach could also impact Yahoo's $4.8 billion sale of its core business to Verizon.
"Merger and acquisition deals always carry some level of risk - companies inherit each other's problems such as pending lawsuits, poorly manufactured products or regulatory violations," explained Steven Grossman, VP of strategy and enablement for cyber security specialist Bay Dynamics, in an email to FoxNews.com.
"Cyber-related problems are also on that list, yet, even as more companies continue to fall victim to data breaches, cyber risk is not as high a priority as it should be."
IANS
-
Gold Silver Rate Today, 10 March 2026: City-Wise Prices Edge Lower While MCX Gold And Silver Stay Range-Bound -
Hyderabad To Get Faster Road Link To Indore As New Highway Nears Completion, Opening Likely This Month -
Hyderabad Gold Silver Rate Today, 10 March 2026: Gold, Silver Slip In Local Market; MCX Also Trades Lower -
Oil Slumps 6% As Trump Claims Iran War Will Be Over 'Ahead of Schedule' -
Pune Gold Rate Today For 18K, 22K, 24K For Rates March 2026 -
Bangalore Gold Silver Rate Today, March 10, 2026: Gold and Silver Prices Go Up -
IPL 2026 Schedule Announcement On March 12: BCCI to Release First 20 Days of Indian Premier League Fixtures -
IPL 2026 Playing XI Prediction: CSK, MI, RCB, KKR, PBKS, GT, LSG, DC, RR, SRH Impact Sub & Full Team List -
Chennai Hotels Warn of Shutdown In 2 Days As LPG Supply Crunch Hits TN -
Trisha Shouldn't Have Attended The Event With Vijay: Parthiban -
Pakistan Facing Oil Crisis? PM Orders Shutdown Of Schools And Universities, Introduces 4-Day Workweek -
Flight Ticket Prices To Turn Costly Due To Iran Crisis? SpiceJet Chief Hints At Airfare Hike
Click it and Unblock the Notifications
Sign in with Google