Yahoo Triples Estimate of Breached Accounts To 3 Billion (engadget.com) 41
An anonymous reader shares a report from The Wall Street Journal (Warning: source may be paywalled; alternative source): A massive data breach at Yahoo in 2013 was far more extensive than previously disclosed, affecting all of its 3 billion user accounts, new parent company Verizon Communications Inc. said on Tuesday. The figure, which Verizon said was based on new information, is three times the 1 billion accounts Yahoo said were affected when it first disclosed the breach in December 2016. The new disclosure, four months after Verizon completed its acquisition of Yahoo, shows that executives are still coming to grips with the extent of the security problem in what was already the largest hacking incident in history by number of users.
A spokesman for Oath, the new name of Verizon's Yahoo unit, said the company determined last week that the break-in was much worse than thought, after it received new information from outside the company. He declined to elaborate on the source of that information. Compromised customer information included usernames, passwords, and in some cases telephone numbers and dates of birth, the spokesman said.
A spokesman for Oath, the new name of Verizon's Yahoo unit, said the company determined last week that the break-in was much worse than thought, after it received new information from outside the company. He declined to elaborate on the source of that information. Compromised customer information included usernames, passwords, and in some cases telephone numbers and dates of birth, the spokesman said.
3 billion? (Score:4, Funny)
I didn't even know Yahoo still existed, so these 'accounts' must be from last millennium, no?
Re:3 billion? (Score:5, Insightful)
2. Claim you have more "active" users so things must be going well.
3. Profit?
Re: (Score:3)
Re: (Score:3)
I alone probably have 100 yahoo accounts full of junk mail
Supposing that you've been doing that since the launch of Yahoo Mail, that means you created an account once every 2 or 3 months for 20 years. That's quite a commitment and a time-consuming process.
Maybe your time is worth nothing but for $0.50 / month you can get cloud antispam from heluna, or for $5/month you can let Office365 or G Suite deal with that.
Re: (Score:2)
You don't buy G Suite for that, all the free gmail accounts come with working spam filtering. That's been true since they launched it.
Re: (Score:2)
Yeah, everybody does that.
Lately this started happening even in the mighty beacon of anti-Facebook artist movement called Ello.
Re: (Score:2)
After the breach they forced a password change and bought the hosting back in house.
I suspect Yahoo! hosted mail for a lot of organisations.
Re: (Score:2)
Re: (Score:2)
Another BT customer?
Nearly every big name ISP in Canada used them at one point. From Rogers to Telus, this is likely going to be very interesting.
Waiting for Equifax hearing to pass this news (Score:5, Insightful)
Re: (Score:3)
I highly doubt 3B humans have ever signed up an account with Yahoo.
They said 3B accounts, not 3B people. Nobody is claiming that these are unique individuals.
Re: (Score:2)
I highly doubt 3B humans have ever signed up an account with Yahoo.
They said 3B accounts, not 3B people. Nobody is claiming that these are unique individuals.
I confess that I had 2 Yahoo accounts for a while, and slazzy confessed that he had 100. So the real number is at best 2,999,999,899 people.
Re: (Score:2)
Your math still failed, unless slazzy is your bot.
Headline next week (Score:3)
"Yahoo announces leak of personal details for next several generations of humanity".
Moral of story: Do not send your data back in time as a form of offsite backup, no matter how secure you think your future quantum encryption is.
There is an easier way to report this (Score:3)
Re: (Score:2)
Quick, let's centralize even more of the internet! What could possibly go wrong?
"Put all your eggs in one basket, and then watch that basket"
- Mark Twain
The problem we have is that the basket watchers suck because they were hired based on their gender and race rather than because they were the best available.
AT&T? (Score:3)
Just curious if this includes AT&T accounts, since AT&T had outsourced their email to Yahoo.
Forced Password Reset in 3...2...1... (Score:1)
The last time they reported a breach (three consecutive times in a row) they forced a password reset. Now I can't even get into one of my accounts because it was the third time I had to reset it in a month, and can't remember the password. Even better, I forgot the reset passwords (Questions, but they are case sensitive so they may as well be passwords. (That you only ever use to reset the main one when you forgot it.....*facepalm*)), and there isn't a registered reset email address, because I was using it
Look on the bright side... (Score:2)
Re:Look on the bright side... (Score:5, Funny)
Could be raining.
Verizon paid too much (Score:4)
Verizon should have done their due diligence on this. They probably could have gotten their $1 billion discount [slashdot.org] instead of paying $4.48 billion for Yahoo!
Got. Ripped. Off.
Story source (Score:3)
Scope Creep (Score:3)
I have to hand it to the Slashdot commenters who suggested in the past that the breach would be gradually revealed to be ever bigger in scope. I imagine it'll later come out that they knew all of its accounts were breached, before the sale to Verizon, and withheld that info so they'd be bought out for a larger sum. It wouldn't surprise me if somewhere in all the Yahoo data were credentials that could've been used to hack into other, non-Yahoo computer systems, and those hacks may never be tied to this breach.
Wait... yahoo had 3 billion users? (Score:3)
I mean, gmail has just over a billion I think. Surely most of these yahoo email addresses are abandoned.
Re: (Score:2)
I had a yahoo account around the turn of the century. Haven't used it since before you were born. Unless it got deleted, it was surely included in this breach (and probably in a lot of prior breaches).