Yahoo has disclosed yet another data breach, this one affecting more than a billion user accounts. This follows the company’s announcement of a different data breach a few months ago, something the company — at this time, at least — believes is an entirely separate matter from the newly disclosed issue. This latest data breach is said to have happened back in August 2013, and included a bunch of account data being stolen.
Back in late September of this year, Yahoo revealed that a security breach had left more than 500 million user accounts compromised. That was a record-breaking disclosure, as far as these kind of data breaches are concerned, but the company has just one-upped itself, breaking its own record with yet another, bigger, data breach disclosure: more than one billion accounts compromised.
The company says that its investigation so far points toward an unauthorized ‘third party’ stealing user account data, something that is based on an analysis of data provided to the company by law enforcement. Thus far, Yahoo says it hasn’t been able to find the ‘intrusion associated with’ the stolen data.
The data taken from user accounts could be numerous, and include things like the user’s name, phone numbers, email addresses, hashed passwords, both unencrypted and encrypted security questions and passwords, and user birth dates. However, Yahoo doesn’t believe banking info or exposed passwords were accessed.
In addition, Yahoo has said that that a different ongoing investigation has revealed that someone used some proprietary company code to forge cookies. Users possibly affected by this issue are being notified, as are the account owners who were compromised in the latest data breach.
SOURCE: Yahoo Tumblr