Yahoo confirmed that account information associated with at least 500 million user accounts has been stolen. The New York Times reports this as the biggest known intrusion of one company’s computer network in history. Yahoo believes an individual acting on behalf of a government was behind the data breach that occurred in 2014. Yahoo did not name the country involved.
Yahoo has posted an Account Security Issue FAQ page where they report the information stolen may have included: names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.
The company believes the hackers did not get access to unprotected passwords, payment card data, or bank account information.
If impacted by the data breach, Yahoo suggests users change password and security questions, review accounts for suspicious activity, be cautious of any unsolicited communications that ask for personal information, and also avoid clicking links or downloading attachments from suspicious emails.
Mudd Law represents individuals and businesses on matters relating to data security . Our firm possesses a critical knowledge of the technical and legal aspects of this substantive area. Our Principal Attorney Charles Lee Mudd Jr. will be speaking at the Illinois State Bar Association’s “Cybersecurity: Protecting Your Clients and Your Firm” program on February 1, 2017 in Chicago. The event will educate attorneys on how they can protect their firms and clients against data breaches and cyberattacks.