Skip to main content

Yahoo expected to confirm massive data breach

Yahoo is on the verge of confirming a massive data breach of its site that is rumoured to have exposed several hundred million user accounts. Sources familiar with the breach were unspecific regarding the extent of the hack, though it is now likely that government investigations will be launched against the company due to how widespread and serious the incursion was.

Earlier this summer, Yahoo let users know that it was investigating a data breach in which hackers claimed to have gained access to 200 million user accounts that they made available for sale online with one source claiming: “It's as bad as that. Worse, really.”

The company is expected to announce details regarding the hack later this week that could affect the $4.8 billion sale of its core business to Verizon. The scale of the breach and the fact that the account credentials of many Yahoo users are possibly in the hands of hackers could make things quite difficult for the company's new owners. Shareholders may also be worried as the hack could lead to a adjustment in the terms of the deal with Verizon.

News of the Yahoo hack became known in August when a cybercriminal that goes by the name of “Peace” posted online that he was selling the credentials of 200 million Yahoo users from 2012 for just over $1,800 on the dark web. The data allegedly included the user names, poorly encrypted passwords, birth dates and other email addresses of the users.

Yahoo responded to this news by saying that it was “aware of the claim,” though the company did not confirm whether it was legitimate or not.  However, it did not urge users to reset their passwords at that time.

It seems that Yahoo will likely have to but since so much time has elapsed since the hack doing so now would be pointless. 

Image Credit: Ken Wolter / Shutterstock

Anthony Spadafora
After living and working in South Korea for seven years, Anthony now resides in Houston, Texas where he writes about a variety of technology topics for ITProPortal.