YAHOO HAS SAID that more than a billion users may have had data stolen in a hack dating back to 2013 – separate from its previously disclosed breach affecting 500 million.
“Yahoo believes an unauthorised third party, in August 2013, stole data associated with more than one billion user accounts,” a statement said. “Yahoo believes this incident is likely distinct from the incident the company disclosed on September 22, 2016.”
Back in September, Yahoo revealed a hack affecting 500 million Yahoo customers worldwide.
The attack was probably “state sponsored,” it said, although some analysts have questioned the source.
Analysis by the security firm InfoArmor, which claims to have seen some of the data, contrasts with Yahoo’s claim that the attack was likely “state-sponsored,” but did suggest that stolen data was sold to a state-sponsored group at one point.
“Yahoo was compromised in 2014 by a group of professional blackhats (hackers) who were hired to compromise customer databases from a variety of different targeted organizations,” the report said.
The researchers said the first mention of Yahoo data for sale on “dark” online markets occurred in April 2016.
To embed this post, copy the code below on your site
have your say