Yahoo Data Breach 2013: Every Account Was Hacked

New details discovered about Yahoo data breach

If you had or still have a Yahoo email account, it is high time you changed your password. When it comes to bad luck, Yahoo company certainly knows what it feels like. Begining from 2013, it has been continuously terrorized by cyber criminals. Unfortunately, they managed to succeed in their misdeeds.

The scale of data breach scales turns out to be massive

In August 2013, after the security of Yahoo email accounts was breached, the company stated that 1 billion accounts were hacked. The “unauthorized third-party” was the culprit for leaked data. The latter was comprised of the following:

  • Contacts
  • Full name;
  • Birthday date;
  • Hashed passwords (using MD5);
  • Phone number;
  • Security passwords and answers;

The company assured that no credit card information was leaked. Users were urged to change their passwords. The incident also revealed a bad tendency among users of using “password123” security phrases.

Data breach every year

After more than a year has passed, cyber criminals struck again. On September 22, 2014, 500 million accounts were violated. This time, the specialists claimed that it was a state-sponsored attack.

The data was said to benefit the felons penetrate Gmail and iTunes accounts. The FBI investigation presented the results that the convicts were Russian FSB officers, Dmitry Dokuchaev and Igor Sushchin, cooperating with a few Canadian hackers.

Later on, another incident in 2016 followed these data breaches. The cyber villain, by the pseudonym of “Peace of Mind,” was selling leaked account data on darknet already since late 2015. Further disclosed details led to assume that the data had been obtained prior 2013 data breach incident. Unfortunately, Yahoo security experts’ late discovery about the incidents only made matters worse.

However, while it seems that it cannot get worse, further investigation denies such assumption. The company experts revealed that the 2013 data leak was much bigger in scale than expected. The analysis disclosed that all 3 billion Yahoo accounts, active in 2013, were violated.
Unfortunately, these findings only harm the dubious reputation of Yahoo even more.

If you still have an email Yahoo account, you should change your passwords again. However, considering the fact that more details are unraveled about data breaches dating back three years ago suggests that your account might be still at risk even if you alert the passwords.

On the final note, even if you have Gmail account, you should be vigilant as well. Connecting different accounts might not be a good idea since if perpetrators hack into one, they might breach another. In addition, recent IT experts’ analysis reveals that hackers developed a new campaign called “Free Milk.” By violating one’s users email account, they break into ongoing email chats and foist malicious attachment.
All in all, when it comes to cyber security you can never be too cautious:

  • double-checking the identity of a sender and enabling two-step verification are still viable prevention tips
  • ensure the security of your email and PC with a couple of different cyber security tools
Posted in support.