Yahoo says over one billion users may have been hacked

Stolen information may have included passwords, e-mail addresses and phone numbers

Yahoo said an unauthorised third party had stolen the data and that it was working closely with police. Photograph: Justin Sullivan/Getty Images
Yahoo said an unauthorised third party had stolen the data and that it was working closely with police. Photograph: Justin Sullivan/Getty Images

Yahoo said on Wednesday that it has identified a new breach that occurred in August 2013 and involved data associated with more than one billion user accounts, double the number affected in a different breach disclosed in September.

Yahoo said it believed the latest incident was likely distinct from the breach disclosed in September, when it said information associated with at least 500 million user accounts was stolen in 2014.

The 2014 breach was believed to be the world’s biggest known cyber breach by far. The company, which is being acquired by Verizon Communication for $4.83 billion (€4.59 billion), said an unauthorised third party had stolen the data in the latest breach and that it was working closely with police.

Identify the intrusion

The company said it has not been able to identify the intrusion associated with the theft. Yahoo said the stolen user account information may have included names, e-mail addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

READ MORE

Payment card data and bank account information were not stored in the system believed to be affected, the company said.

Yahoo, whose shares were down 2.5 per cent in extended trading, said it is notifying potentially affected users and has taken steps to secure their accounts.

Verizon said, “we will review the impact of this new development before reaching any final conclusions.” Verizon shares were up 0.17 per cent after hours. – (Reuters)