Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Yahoo! Communications Network Privacy Security Verizon

Yahoo Triples Estimate of Breached Accounts To 3 Billion (engadget.com) 41

An anonymous reader shares a report from The Wall Street Journal (Warning: source may be paywalled; alternative source): A massive data breach at Yahoo in 2013 was far more extensive than previously disclosed, affecting all of its 3 billion user accounts, new parent company Verizon Communications Inc. said on Tuesday. The figure, which Verizon said was based on new information, is three times the 1 billion accounts Yahoo said were affected when it first disclosed the breach in December 2016. The new disclosure, four months after Verizon completed its acquisition of Yahoo, shows that executives are still coming to grips with the extent of the security problem in what was already the largest hacking incident in history by number of users.

A spokesman for Oath, the new name of Verizon's Yahoo unit, said the company determined last week that the break-in was much worse than thought, after it received new information from outside the company. He declined to elaborate on the source of that information. Compromised customer information included usernames, passwords, and in some cases telephone numbers and dates of birth, the spokesman said.

This discussion has been archived. No new comments can be posted.

Yahoo Triples Estimate of Breached Accounts To 3 Billion

Comments Filter:
  • 3 billion? (Score:4, Funny)

    by nospam007 ( 722110 ) * on Tuesday October 03, 2017 @04:24PM (#55304023)

    I didn't even know Yahoo still existed, so these 'accounts' must be from last millennium, no?

    • Re:3 billion? (Score:5, Insightful)

      by ark1 ( 873448 ) on Tuesday October 03, 2017 @04:27PM (#55304045)
      1. Allow spammers to create accounts and actively use them.
      2. Claim you have more "active" users so things must be going well.
      3. Profit?
      • by slazzy ( 864185 )
        That could be, also personally I create a new "junk" account every few months to use before it gets overrun with junk mail, so I alone probably have 100 yahoo accounts full of junk mail...
        • by lucm ( 889690 )

          I alone probably have 100 yahoo accounts full of junk mail

          Supposing that you've been doing that since the launch of Yahoo Mail, that means you created an account once every 2 or 3 months for 20 years. That's quite a commitment and a time-consuming process.

          Maybe your time is worth nothing but for $0.50 / month you can get cloud antispam from heluna, or for $5/month you can let Office365 or G Suite deal with that.

          • You don't buy G Suite for that, all the free gmail accounts come with working spam filtering. That's been true since they launched it.

      • Yeah, everybody does that.
        Lately this started happening even in the mighty beacon of anti-Facebook artist movement called Ello.

    • My ISP supplied email was hosted by Yahoo!.
      After the breach they forced a password change and bought the hosting back in house.
      I suspect Yahoo! hosted mail for a lot of organisations.
  • by ark1 ( 873448 ) on Tuesday October 03, 2017 @04:26PM (#55304029)
    ...under radar. Well played Yahoo/Verizon.
  • by SuperKendall ( 25149 ) on Tuesday October 03, 2017 @04:29PM (#55304057)

    "Yahoo announces leak of personal details for next several generations of humanity".

    Moral of story: Do not send your data back in time as a form of offsite backup, no matter how secure you think your future quantum encryption is.

  • by burtosis ( 1124179 ) on Tuesday October 03, 2017 @04:31PM (#55304067)
    Simply have a story every few weeks on what data remaining hasn't been stolen. I'm guessing at this point it's the null set.
  • by sconeu ( 64226 ) on Tuesday October 03, 2017 @04:33PM (#55304087) Homepage Journal

    Just curious if this includes AT&T accounts, since AT&T had outsourced their email to Yahoo.

  • by Anonymous Coward

    The last time they reported a breach (three consecutive times in a row) they forced a password reset. Now I can't even get into one of my accounts because it was the third time I had to reset it in a month, and can't remember the password. Even better, I forgot the reset passwords (Questions, but they are case sensitive so they may as well be passwords. (That you only ever use to reset the main one when you forgot it.....*facepalm*)), and there isn't a registered reset email address, because I was using it

  • At least it can't get any worse.
  • by phalse phace ( 454635 ) on Tuesday October 03, 2017 @05:02PM (#55304241)

    Verizon should have done their due diligence on this. They probably could have gotten their $1 billion discount [slashdot.org] instead of paying $4.48 billion for Yahoo!

    Got. Ripped. Off.

  • by campuscodi ( 4234297 ) on Tuesday October 03, 2017 @05:03PM (#55304243)
    Here's the source of the WSJ's reporting: https://www.oath.com/press/yah... [oath.com] I have no idea why the WSJ is hiding that story behind a paywall if it's freely accessible on Oath's blog.
  • by mentil ( 1748130 ) on Tuesday October 03, 2017 @05:10PM (#55304273)

    I have to hand it to the Slashdot commenters who suggested in the past that the breach would be gradually revealed to be ever bigger in scope. I imagine it'll later come out that they knew all of its accounts were breached, before the sale to Verizon, and withheld that info so they'd be bought out for a larger sum. It wouldn't surprise me if somewhere in all the Yahoo data were credentials that could've been used to hack into other, non-Yahoo computer systems, and those hacks may never be tied to this breach.

  • by gosand ( 234100 ) on Tuesday October 03, 2017 @05:11PM (#55304277)

    I mean, gmail has just over a billion I think. Surely most of these yahoo email addresses are abandoned.

    • I had a yahoo account around the turn of the century. Haven't used it since before you were born. Unless it got deleted, it was surely included in this breach (and probably in a lot of prior breaches).

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...