The company said today that it has over a billion user accounts separate breach occurred in August 2013 and September this year, 500 million accounts reported that Yahoo is believed to be different from the data theft is discovered violations yahoo discloses hack 1 billion accounts.
Troublingly, Yahoo‘s Chief Information Security Officer Bob Lord, said the company to determine how the data was stolen from an Arab accounts have not. “We connected with the theft has not been able to identify the intruder,” God wrote in a post announcing the hack.
“User account information was stolen names, email addresses, telephone numbers, date of birth, which may include hashed password (using MD5) and in some cases, in encrypted or unencrypted security question and answer,” Lord added.
Yahoo massive violation by law enforcement was alerted and checked out the data with the help of forensic experts. Payment information or data does not appear to contain plain text passwords, but it’s still bad news for Yahoo account holders. Is no longer considered secure hashing algorithm MD5 and MD5 hash easily looked up online to discover the password they can hide?
The breach affected account holders have notified Yahoo! says. Affected users will be required to change their password.
Yahoo also announced today that its proprietary code a hacker, which accounts without a password to access the cookies that may be used to create the code used was seen by. “Outside forensic experts believe the user accounts for which they were taken or used forged cookies have identified. We notified affected account holders are doing is illegal and counterfeit cookies,” Lord said, adding that he believes that the attack was launched by state-sponsored actors.
Yahoo’s long string of revelations adds to today’s security problems. Yahoo executives knew about the violation, and when they knew it, Verizon’s ongoing acquisition of Yahoo is the key question. Yahoo did not disclose the deal for several months after the first violation was announced