Internet giant Yahoo on Thursday admitted that information from at least 500 million of its user accounts was stolen in 2014 in what it believed was a ‘state-sponsored actor’.
Experts say that they hack may very well be the biggest data breach recorded till date.
The company said that the perpetrators may have stolen names, email addresses, telephone numbers, dates of birth and encrypted passwords.
Unprotected passwords, payment card data and bank account information did not appear to have been compromised, Yahoo said, signaling that some of the most valuable user data was not taken.
“This is the biggest data breach ever,” cryptologist Bruce Schneier told Reuters.
He said it was too early to say what impact the breach might have on Yahoo and its users because many questions remain, including the identity of the state-sponsored hackers behind it.
At the moment, it is not clear when the company learnt about the hack and why it took them two years to admit to it.
According to Reuters, the size of the attack on Yahoo was unprecedented compared to other corporate breaches such as at eBay Inc in 2014 which involved personal data of 145 million users.
It further states that the Yahoo breach, which follows a rising number of other large-scale data breaches, could make it a watershed event that prompts the government and businesses alike to put more effort into bolstering defenses, said Dan Kaminsky, a well-known Internet security expert.
“Five hundred of the Fortune 500 have been hacked,” he said. “If anything has changed, it’s that these attacks are getting publicly disclosed.”
Yahoo said that it was working with law enforcement agencies on the matter. FBI said that it was aware of the breach.
“The investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network,” the company said.Back to latest news