Yahoo user accounts are compromised.
Yahoo reported on its blog about a massive compromise of the credentials of users of their services. The results of the incident investigation showed that the compromise took place at the end of 2014 and its result was the leakage of 500 million accounts. The peculiarity of this situation is that Yahoo assures of the compromise of its services by state-sponsored cybergroups.
Yahoo has begun the process of notifying users of compromised accounts with a special message. Also, all users of services who have not changed their passwords since 2014 do so as soon as possible. The company assures that currently the attackers no longer have access to their services, however, how much time they could do is not specified, so we recommend that all users of the service change their passwords.
Compromise were also answers to secret questions that should be changed.
We’ve confirmed that we’ve been a state-sponsored actor. Email account numbers, email addresses, phone numbers, hashed passwords, and wireless logs.
Yahoo has begun the process of notifying users of compromised accounts with a special message. Also, all users of services who have not changed their passwords since 2014 do so as soon as possible. The company assures that currently the attackers no longer have access to their services, however, how much time they could do is not specified, so we recommend that all users of the service change their passwords.
It is not the case that the government has sponsored a report. Yahoo is working closely with law enforcement on this matter.
Compromise were also answers to secret questions that should be changed.
')
Source: https://habr.com/ru/post/310774/
All Articles