Nicole Perlroth, reporting for the NYT:
Yahoo announced on Thursday that the account information for at
least 500 million users was stolen by hackers two years ago, in
the biggest known intrusion of one company’s computer network.
In a statement, Yahoo said user information — including names,
email addresses, telephone numbers, birth dates, passwords and, in
some cases security questions — was compromised in 2014 by what
it believed was a “state-sponsored actor.” It did not name the
The company said that it was working with law enforcement
officials and that it was invalidating existing security questions
and asking users to change their passwords. Yahoo also encouraged
people to review other online accounts for suspicious activity,
change passwords and security questions on those accounts, and
watch out for suspicious emails.
Verizon, in midst of acquiring Yahoo, only found out about this two days ago. Not a good coda to Marissa Mayer’s tenure, to say the least.
Update: Also, doesn’t “500 million accounts” effectively mean all Yahoo accounts in 2014? How many accounts could there have been that weren’t stolen? They’re saying “500 million” but they really mean “They stole every account”. Right? Update: Here’s a report that claims Yahoo has 1 billion “monthly active users”, but even if true, that doesn’t mean every active user is signed into an account. Even if it’s not all accounts that were stolen, it has to be most.
★ Thursday, 22 September 2016