Yahoo data hack was the biggest of all time
Three billion account holders were affected.
Every single Yahoo account that existed in August 2013 was affected by what has now become the largest ever recorded data breach in history, according to Yahoo parent company Verizon.
The violation was first reported in December 2016, with Yahoo estimating one billion users were affected.
This week, the internet services company’s owner, Verizon, announced that it will be providing email notifications to more than three billion account holders understood to have been impacted by the hack.
That’s every Yahoo account that was active in August 2013, including email, Tumblr, Fantasy and Flickr users. Yahoo said names, email addresses and passwords were breached, but financial information was secure.
The overwhelming additional number of people affected was reportedly discovered subsequent to Yahoo’s acquisition by Verizon. During integration, the company obtained “new intelligence” relating to the breach.
Verizon revised its numbers “following an investigation with the assistance of outside forensic experts”.
However, the identity of the perpetrator or perpetrators who instigated the attack remains unclear.
A recent CNBC analysis of reported breaches found the Yahoo hack to be the largest ever, “by a long shot”. The investigation also reveals that in 2017, hacks already account for more than half of all reported data breaches.
Last year, Yahoo enforced user password and security question encryption changes as a result of the breach.
Additional information on the hack is available from the Yahoo 2013 Account Security Update FAQs page.
Earlier this week, beleaguered credit agency Equifax revealed that an additional 2.5 million consumers’ personal information was breached during its previously announced global cybersecurity hack.
Speaking at the Cambridge Cyber Summit this week, Principal Deputy Director of National Intelligence Sue Gordon said the hacking of personal information should not simply be accepted as commonplace activity.
“We’re coming to think this is the cost of doing business… we do not have to accept that,” she said.
If you believe you’re the victim of identity theft, it’s important you contact the proper authorities, including local law enforcement, and consider liaising with your state attorney general or the Federal Trade Commission.