After the biggest data theft in history on Yahoo! still “33 misfortunes”

On September 22, 2016, Yahoo acknowledged that its users ’personal data was stolen. We are talking about data theft of at least 500 million accounts.

This happened back in 2014, but the fact was recognized by the company just now. Yahoo! I discovered this hack after I received information about another attack in August that turned out to be false.
')
The amount of stolen data exceeds the amount stolen from the servers of other electronic companies - such as MySpace.

In 2013, 360 million accounts and 427 million passwords were stolen from the servers of this social network. In May of this year, MySpace data was put up for sale on the Internet.

To hackers came into the hands of information about e-mail, phone numbers, dates of birth of Yahoo users. However, all these data were stored in encrypted form, so the attackers still had to spend time decrypting them.

The company believes that hackers will not be able to get to the information on payment cards and bank accounts, since they are not stored in the system. All Yahoo! suggests changing passwords if they have not done so since 2014, but does not insist on it.

Well-known cryptologist Bruce Schneier said that he could not yet assess the consequences of hacking for Yahoo users, but he called the data theft the largest in history.

In August, a hacker nicknamed Peace put up for sale a database with data on 200 million Yahoo users with a cost of $ 1.8 thousand. Hacker claimed that he got data from more than 100 million pages, writes the Motherboard edition.

It is known that “Peace” is a common pseudonym for people who were also involved in the sale of stolen MySpace and LinkedIn data.

New Yorker Ronald Schwartz filed a lawsuit against Yahoo! to San Jose (California) Federal Court on behalf of all US users. The possible compensation that can be awarded in case Schwartz wins is not yet determined.

The plaintiff suggests that Yahoo could prevent violations, but did not take the need to protect the data seriously. Another claim relates to the identification of the fact and the investigation into the hacking circumstances. It was spent on 3 times more time than necessary by the rules.

Yahoo demonstrated “disregard for the security of personal data of its users, who promised to protect,” the statement of claim says. Lawsuits were also filed in the Illinois and San Diego courts.

As the head of the Internet company department noted, the hacker, whose actions were sponsored by the “government of the state”, was able to gain access to closed data. “Online invasions and theft with state support are becoming increasingly common in the technical industry,” complain Yahoo.

According to the management of Yahoo, hackers from Russia were involved in hacking the system in 2014, a source told The Wall Street Journal who was familiar with the situation. It is assumed that their goal was about 30 accounts of specific people who do business in Russia.

Previously, the company did not name the country from which the attack was organized. At the same time, the interlocutor of the publication is not sure that the actions of these particular hackers led to the leakage of data of 500 million users.



At Yahoo! Now and so difficult period: in July, she agreed to sell the Internet unit operator Verizon Communications for $ 4.83 billion. According to Robert Peck, an analyst at SunTrust Robinson Humphrey, information about a burglary will not force Verizon to abandon the deal, but the buyer may ask for a discount of $ 100 million, or even $ 200 million. The size of the discount will depend on how many users refuse Yahoo services.

Lawyer at K & L Gates Stephen Kaponi believes that the terms of the transaction and accepted practice allow the buyer to abandon it if the price of the asset drops significantly, but such cases are quite rare.

“If the changes are significant, Verizon will have the opportunity to start negotiations on changing the terms of the deal or abandon it altogether. It will be possible to assess the change in the value of an asset by the information that was stolen, ”he said.

Representatives of Verizon said that the information about the attack, they will assess in accordance with their own interests.

On the website delfi.lv published several tips to users of stolen accounts.

Change passwords and security questions

If you are still using Yahoo mail or uploading photos that you don’t want to lose on Flickr, change your passwords and security questions. This can be done in just five minutes.

Remember if you used these passwords and questions somewhere else

If malefactors crack passwords (or have already cracked) Yahoo, then they will surely “drive” couples from the login-password in automatic mode through all other popular services - social networks, Gmail, and so on.

According to statistics, about 2% of people constantly use the same logins and passwords on different services, so in this case, hackers can catch quite large fish.

Enable two-factor identification

With two-factor authentication, you can feel at ease even if you have the password “12345” (we, however, still recommend the password “12354” - just to check out hackers).

Two-factor identification is supported by almost all who feel like it, including Google, Facebook, Twitter, and so on. Find and turn it on wherever possible - and all these giant password leaks will stop worrying you.