Another day, another hack into huge data banks. This time Yahoo has said that a “state-sponsored” group of hackers managed to steal information from around 500 million users.
If this is found to be correct it would be the largest cyber-breach in history. The hackers were able to gather personal data from Yahoo’s customers including names, e-mails and possibly bank details, however the tech giant has denied these claims.
The worrying news is that this happened in 2014 and the information has only just been released.
Yahoo confirmed that the attack was carried out by state-sponsored actors, but they didn’t say which country it was. Many experts believe it is likely to be Russian or Chinese hackers, who carried out the breach.
Yahoo has recommended that all users should change their passwords if they haven’t since 2014. The concern is that it is to years since this attack, why are users only being told now. Also does it mean there might have been other attacks in the meantime, that the public will find about in 2018 for example.
Ryan Wilk, VP at NuData Security said :“Once again, more news of a big breach hits the wire. A blockbuster breach, with staggering size and scope which has actually been baking since 2014 when the original breach occurred and was reported on. Still, 500 million records lost will likely make this one of the biggest on record. Sadly, while that number may be what Yahoo is aware of today, we can probably expect this number to rise. With this attack of a half a billion user accounts, we are likely to see well over a billion accounts breached this year alone compared to about 800 million in 2015.
Ryan Kalember, SVP, cyber security strategy Proofpoint added: “Your email credentials are the single most sensitive piece of information you have. News of the Yahoo breach is yet another indication that email accounts are a prime target among criminals. Email is the top way cybercriminals are breaking into the world’s most sophisticated organizations and they target personal inboxes with the same aggressiveness.”
Brian Spector, CEO of MIRACL pointed out: “This is a modern-day mega breach, and demonstrates how data theft and identity fraud is a multi-billion dollar business on the dark Web.”
If you have a story or would like to contribute click here