Yahoo Suffers Major Data Breach Deja Vu

December 16, 2016

Yahoo on Wednesday revealed that Net bandits stole data associated with 1 billion of its user accounts -- one of the largest data breaches in Internet history.

The theft, which occurred in August 2013, is distinct from the theft disclosed earlier this fall, in which 500 million accounts were compromised, Yahoo CISO Bob Lord explained.

Stolen information may include names, email addresses, telephone numbers, dates of birth, hashed passwords using MD5 encryption -- and in some cases, encrypted or unencrypted security questions and answers, according to Lord.

An unauthorized third party accessed the code Yahoo uses to create cookies, he noted. Access to that code allowed attackers to compromise accounts with forged cookies.

In response to this latest discovery, Yahoo is taking steps to secure the accounts of affected users and invalidate forged cookies, said Lord, as well as to harden its systems against similar attacks.

More Data Nicked

This latest breach at Yahoo appears worse than the previous one not only because is it bigger, but also because more-sensitive information was stolen.

"More information was released than just usernames and passwords," explained Rami Essaid CEO of Distil Networks.

"The bad guys are getting a more holistic look at these users," he told TechNewsWorld.

Read the Article

Previous Article
New Year’s Resolutions for Entrepreneurs
New Year’s Resolutions for Entrepreneurs

Rami Essaid, CEO of Distil Networks discusses New Year's resolutions and what must every entrepreneur know ...

Next Article
Bad Bots Weren’t Eating Turkey over Thanksgiving
Bad Bots Weren’t Eating Turkey over Thanksgiving

Bad bots weren’t eating turkey over Thanksgiving - They were scouring retail websites, and continue to do s...