In what is overwhelmingly the largest breach in history, Yahoo reported that more than 1 billion of its email accounts were breached in August 2013.
Hackers were likely able to steal sensitive data including: names, emails, phone numbers, dates of birth and security questions and answers, Yahoo officials said.
The company said it believes bank account information wasn’t affected.
While Yahoo said it scrambles its passwords twice - once with encryption and the other with hashing, hackers were able to gain access. The company said this can be problematic for users who re-used passwords for other accounts. Security questions and answers have been invalidated so they can no longer be used to gain access to an account.
[Also: How to beat back hackers and savvy cybercriminals? Delve into the dark web]
This is the second time in recent months that Yahoo has been under fire. In September, the company confirmed a breach of more than 500 million user accounts that occurred in 2014.
The company hasn’t been able to determine the third-party responsible for the attacks, but is working with law enforcement and forensic experts. Officials said it’s likely a different hacker from the hack announced in September, but some of the activity is connected to the state-actor responsible for that attack.
Yahoo now holds the top two spots for the biggest breaches in history. It’s followed by FriendFinder Networks (412 million), MySpace (360 million), eBay (145 million), J.P Morgan Chase (83 million) and healthcare’s Anthem (78.8) million.
Yahoo agreed to sell its digital operations to Verizon Communications for $4.8 billion earlier this year. However, according to the Associated Press, the deal may be in jeopardy after these two breaches.
Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com
