500 Million Yahoo User Accounts Breached in Late 2014; Probe Ongoing, Confirms Company
Yahoo confirmed that at least 500 million user accounts were compromised in late 2014, possibly by a state-sponsored actor, resulting in the possible theft of users' names, email addresses, phone numbers, birth dates, hashed passwords and encrypted and unencrypted security…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
questions and answers. "The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected," wrote Chief Information Security Officer Bob Lord in a Thursday blog post. Lord said there's no evidence the state-sponsored actor is still in the network, but the company is working with law enforcement in an investigation. The company, which also provided FAQs about the breach, said it's strengthening network security and provided instructions for users to improve their account security. A spokesman for Verizon, which announced in July that it's acquiring Yahoo for $4.83 billion in cash (see 1607250016), tweeted Thursday that it was notified "with the last two days" of the incident, but has "limited information and understanding" beyond that there's an ongoing investigation.