杏吧原创

Hackers stole personal data from 1 billion Yahoo user accounts

Internet giant Yahoo says it believes聽hackers stole names, emails聽and passwords from more than one billion accounts in a cyberattack dating back to 2013
Yahoo mail logo with passwords
More than a billion accounts breached
Dado Ruvic / Reuters

Yahoo says it believes hackers stole personal data from more than one billion user accounts in a cyberattack that happened in 2013.

The technology giant says the data affected included 鈥渘ames, email addresses, telephone numbers, dates of birth, hashed passwords鈥, as well as security questions and answers, but it claims financial information such as card details was not compromised.

鈥淵ahoo has identified data security issues concerning certain Yahoo user accounts,鈥 the firm said in a statement. 鈥淵ahoo has taken steps to secure user accounts and is working closely with law enforcement.鈥

A second attack

The company, which is currently being taken over by聽US telecoms company Verizon, believes the attack is 鈥渄istinct鈥 from another cyberattack the company reported in September this year, which involved around 500 million accounts and was said to have been carried out by a 鈥渟tate-sponsored actor鈥 in late 2014.

The newly-disclosed attack was discovered as part of an investigation after law enforcement provided the company with data files that a third party claimed was Yahoo user data.

鈥淲e analyzed this data with the assistance of outside forensic experts and found that it appears to be Yahoo user data,鈥 the company said. 鈥淏ased on further analysis of this data by the forensic experts, Yahoo believes an unauthorised third party, in August 2013, stole data associated with more than one billion user accounts.鈥

Yahoo users are advised to change their passwords and security answers and look out for any suspicious activity on their accounts. They should also change passwords and security answers for any other services if they have re-used the same credentials.

Yahoo also says that users should avoid clicking links or downloading attachments if they think an email is suspicious and that they should be 鈥渃autious of unsolicited communications that ask for personal information.鈥

Topics: Hacking / Internet