Subscribe to our free daily newsletters
. 24/7 Space News .




Subscribe to our free daily newsletters



CYBER WARS
Yahoo reveals new hack, this time a billion-plus users
By Rob Lever
Washington (AFP) Dec 15, 2016


Yahoo said Wednesday personal data from over a billion users was stolen in a hack dating back to 2013 -- twice as big as another breach disclosed just three months ago.

In a huge blow to the struggling internet pioneer, Yahoo said it made the discovery as it was investigating what was already the largest data breach of a single company.

"Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts," it said in a statement.

Yahoo said this case "is likely distinct from the incident the company disclosed on September 22, 2016" affecting 500 million users.

The news poses a fresh threat to Yahoo's deal to sell its core operating assets to Verizon for $4.8 billion.

In November, Yahoo disclosed that as part of its investigation into the prior breach, it had received data files from law enforcement "that a third party claimed was Yahoo user data."

- Source of hack unclear -

Using outside forensic experts, Yahoo now confirms that this was indeed user data but added that it "has not been able to identify the intrusion associated with this theft."

The statement added that "Yahoo has taken steps to secure user accounts and is working closely with law enforcement."

Yahoo's chief security officer Bob Lord said in a blog post that some of the intrusions were done by hackers who accessed accounts without a password by using "forged cookies," or data files which verify a device or user.

"We believe an unauthorized third party accessed our proprietary code to learn how to forge cookies," he said, adding that "we have connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22."

Yahoo also said it was requiring affected users to change their passwords, and had invalidated unencrypted security questions and answers.

Yahoo said in September it believed the breach of information on 500 million users was "state sponsored" but some analysts have questioned this theory.

The stolen user account information in the newly disclosed breach may have included names, email addresses, telephone numbers, dates of birth, "hashed" passwords and, in some cases, encrypted or unencrypted security questions and answers, Yahoo said.

The hackers did not obtain passwords in clear text, payment card data, or bank account information, it said.

The latest breach discovery is a further embarrassment to a company that was one of the biggest names of the internet but which has failed to keep up with rising stars such as Google and Facebook.

- Not just technology -

Steve Grobman, chief technical officer at Intel Security, said the two incidents show "there were clear weaknesses in the architecture" used by Yahoo but that such hacks are not just about technology.

Large organizations holding vast amounts of user data, Grobman said, "need to rely not just on technology but use independent or internal resources to defend against attack scenarios."

Grobman said Yahoo can recover from the debacle but that "it needs to be transparent and show that it will emerge with the best security."

Patrick Moorhead, analyst at Moor Insights & Strategy, said it is possible the disclosure will kill the tie-up with Verizon.

"In the end it will be determined by how Yahoo customers react and what Verizon thinks about this," Moorhead said.

"I don't think Yahoo is worth nearly as much as it was before these two breaches because they can no longer be trusted. Yahoo can build back trust but it will take investment and focus."

Yahoo, after a series of reorganizations, decided late last year to sell its main operating business as a way to separate that from its more valuable stake in Chinese internet giant Alibaba.

Yahoo's plan would place its main operating business within Verizon, which has already acquired another faded internet star, AOL.

The remaining portion would be a holding company with stakes in Alibaba and Yahoo Japan.

Verizon said in a statement late Wednesday that it would await further news of the investigation before making any decision.

"As we've said all along, we will evaluate the situation as Yahoo continues its investigation," the statement said.

"We will review the impact of this new development before reaching any final conclusions."

Verizon had said the prior breach was likely "material," meaning it could allow the telecom giant to scrap the deal or lower its offer.

Yahoo's valuation hit $125 billion during the dot-com boom, but it has been losing ground since then despite several efforts to reboot.

In the mid-1990s, Yahoo was among the most popular destinations on the internet, helping many people navigate the emerging web.

It became the top online "portal," connecting users to news, music and other content. But its fortunes started to fade when Google began to dominate with its powerful search engine.


Comment on this article using your Disqus, Facebook, Google or Twitter login.


Thanks for being here;
We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain.

With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords.

Our news coverage takes time and effort to publish 365 days a year.

If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.

SpaceDaily Contributor
$5 Billed Once


credit card or paypal
SpaceDaily Monthly Supporter
$5 Billed Monthly


paypal only

.


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues






Share this article via these popular social media networks
del.icio.usdel.icio.us DiggDigg RedditReddit GoogleGoogle

Previous Report
CYBER WARS
Worried by hacker threat, France prepares army response
Bruz, France (AFP) Dec 12, 2016
France announced its first cyber-warfare army unit on Monday, aimed at increasing the country's hacking skills as concerns grow in Europe and the United States about Russian capabilities. Defence Minister Jean-Yves Le Drian likened the impact of hacking on warfare to the effect of the first aircraft on conflicts in the early 20th century. "The emergence of a new area, a new cyber-battlef ... read more


CYBER WARS
Bill Gates urges Trump to inspire Americans like JFK did

ESA to supply Service Module for first crewed Orion mission

American space legend John Glenn dead at 95

Space gardener Shane Kimbrough enjoys first of multiple harvests

CYBER WARS
China develops non-toxic propellant for orbiting satellites

Allegations Rocket Engine Failure Behind Progress Spacecraft Crash Incorrect

United Launch Alliance Successfully Launches WGS-8 Mission for the U.S. Air Force

Russian authorities inspecting crashed spacecraft debris

CYBER WARS
ExoMars orbiter images Phobos

Mars One puts back planned colonisation of Red Planet

Opportunity team plot path forward to the 'Gully'

Curiosity Rover Team Examining New Drill Hiatus

CYBER WARS
Chinese missile giant seeks 20% of a satellite market

China-made satellites in high demand

Space exploration plans unveiled

China launches 4th data relay satellite

CYBER WARS
UAE launches national space policy

European ministers ready ESA for a United Space in Europe in the era of Space 4.0

Nordic entrepreneurial spirit boosted by space

LeoSat and Globalsat Group Sign Strategic Worldwide Agreement

CYBER WARS
Japan launches 'space junk' collector

Teaching an old satellite new tricks

Orbital ATK to develop critical technology for in-orbit assembly

Decoding cement's shape promises greener concrete

CYBER WARS
Meta musings on the origins of life

ALMA measures size of seeds of planets

New telescope chip offers clear view of alien planets

Could There Be Life in Pluto's Ocean?

CYBER WARS
New Perspective on How Pluto's "Icy Heart" Came to Be

New analysis adds to support for a subsurface ocean on Pluto

Pluto follows its cold, cold heart

New Analysis Supports Subsurface Ocean on Pluto




Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News






The content herein, unless otherwise known to be public domain, are Copyright 1995-2017 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement