Yahoo hack: "One billion people" have had data stolen


YAHOO has admitted that hackers breached its system to steal data from one billion user accounts in a massive cyber attack that was unreported for more than three years.

In the past few months, Yahoo has owned up to being hit by the two biggest data breaches in history.

In September, it announced it had been hit by what was then declared the world's biggest hack - now it has revealed a new attack that involves twice as many people and sets a new record.

The news could not have come at a worst time for Yahoo, which is in the middle of securing a huge buyout deal.

Yahoo today has reported a experts analysing Yahoo's records in the lead up to the buyout by Verizon had identified the mammoth attack which occurred in August 2013.

The hack reported today is separate to another hack reported in September which targeted 500 million Yahoo in 2014.

Yahoo blamed the 2014 attack on "state-sponsored" hackers.

Yahoo said today in the hack of 1 billion customers in 2013 information stolen by the hackers included names, e-mail addresses, telephone numbers, dates of birth, hashed passwords and unencrypted security questions and answers which could be used to access people's accounts.

Yahoo said the data did not include unencrypted passwords nor did it include credit card details which were kept on a different system.

Yahoo said today it was notifying the 1 billion account holders affected in the security hack.

Yahoo also warned today that forensic experts investigating the 2014 hack had discovered a way that hackers has forged cookies that allow them to access a person's account without a password.

"The company has connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016," Yahoo said in the statement.

The news of the latest hack casts doubt on the US$4.8 billion Verizon buyout of Yahoo.

Verizon told CNBC today that "we will review the impact of this new development before reaching any final conclusions".

Yahoo has recommended its users change their passwords and security questions and answer prompts for any accounts which they have used the same information as their Yahoo account.

It also urged its users not to click on links or download attachments from suspicious emails and be suspicious of unsolicited emails and phone calls asking for personal information.

Topics:  editors picks general-seniors-news hacking technology

VIDEO: Cycling video secures driver conviction

VIDEO EVIDENCE: A motorcyclist has lost his licence for 18 months after his assault on two cyclists in June 2017 was captured on a rear-light bicycle video camera.

Motorcyclist loses licence after cyclist assault

Haul of dead sharks met with outrage

SAD SIGHT: Laelia Gardner captured photos of culled sharks at the Tweed Bar.

Decapitated and left to rot in the heat, 15 sharks found dead

Our commitment: We're for you

Queen Elizabeth outside the Gollan Hotel in Keen Street, in 1954.

We've done it for 141yrs, marked history and plotted the future

Local Partners