- In 2013, captured Hacker Yahoo user data of more than one billion users.
- What you have captured may what Yahoo is to blame and what this means for the take-over by Verizon: questions and answers in an Overview.
How to spell Yahoo the end of 2016? D-e-b-a-k-e-l. That’s the impression that comes to mind now: for the second Time this year, the company must give Marissa Mayer a data theft on a Grand scale: the records from a billion users to have captured unknown attackers in August 2013. That would be the largest known data Theft in history. What’s up with that – the most important questions and answers.
data Theft in case of Yahoo… wasn’t there once something?
Right – already in September of this year, Yahoo announced that data had been stolen from the 500 million users. At the time, revealed the attack came from the year 2014, the now known, took place a year earlier. You assume that it was two different attacks. However, Connections to the data-collapse of 2014 were, in certain aspects, the Yahoo with a “state-sponsored actor”.
The security analyst Andrew Komarov has declared that an Eastern European hacker group, offered the data. It is unclear how large the intersection between the two sets of data is – i.e. how many customers have been two Time victims of data theft.
What, exactly, could steal the hackers?
Yahoo-chief of security, Bob Lord, will remain here in the subjunctive: name, E-Mail addresses, telephone numbers, dates of birth, and “unencrypted or encrypted security questions and answers” could be read. Credit card and Bank account information were not affected because they were stored somewhere else.
in theory: no. Yahoo stores the passwords in clear text. However, the used one-way encryption (Hashed MD-5) for more than a decade as relatively uncertain. Due to the increasing computing power of such passwords with the help of a database-matching crack.
How long does Yahoo know of it?
At 7. November of this year, the security authorities handed over the company records, obtained by a Hacker. This indicated a risk of unauthorised access. This has been confirmed now, and in a huge scale. It is unclear whether Yahoo is registered as the in September, known case of 2014 – the access already, but the extent was underestimated.
How penetrated the attackers?
A large Problem hidden in a phrase: One cannot know how the attackers came into the System, it means of Yahoo. This could mean that the vulnerability still exists. “Yahoo has built right son of a,” commented the respected IT security blogger Bruce Schneier, “you see now, that you have not taken security seriously.” Well, founded in 1995, the company revised certain of the older parts of its code and thus vulnerable to attack.
Are really affected a billion people?
“More than a billion accounts” does not mean that it is active users, especially since the customers contracted master of the company in the past few years. Regularly, the service is used in the main market, the United States, in the meantime, especially for the well-known Football fantasy game of the group.
What does this mean for users?
Yahoo informed the affected customers and reset the password. Unencrypted security will be disabled questions. Who used to be Yahoo password 2013 for other accounts, you should change its access. As with all sensitive accounts Two-factor authentication is next to a complex password (password booklet here) as a first step, to make it difficult to access. However, American civil rights activist doubts anyway about whether Yahoo is still to be trusted: Two former employees that the company E-Mails for American security agencies such as NSA and the FBI scanned for certain key words.
Why is the Acquisition by Verizon important?
The American telecoms group wants to take on Yahoo’s core business for $ 4.8 billion. Most recently, the company has, however, in view of the constantly new revelations already doubt expressed as to whether the former Internet giant, the money is still of value. Now Verizon taciturn announced, to keep the matter in view. Before a final decision would be taken, would be assessed the “new development,” said spokesman Bob Varettoni.
it is Clear that the criticism of Yahoos-CEO Marissa Mayer is expected to grow. Since 2012, the CEO, and will retire after the Acquisition is foreseeable in any case. Now the second major security incident, under your Aegis, is already known.