Notebookcheck Logo

Yahoo: Personal info of 500 million accounts stolen

Eine unangenehme Meldung hatte Yahoo heute zu machen. (Bild: Yahoo)
Eine unangenehme Meldung hatte Yahoo heute zu machen. (Bild: Yahoo)
You should change your password! In a blog entry, email provider and search engine Yahoo states that in 2014 the data of at least 500 million user accounts have been stolen from their servers.

"An important message about Yahoo user security" – came in from email provider Yahoo: In 2014, a copy of user data was stolen, containing the following data: names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. Yahoo believes that this attack has gotten the data of more than 500 million users into the hands of what the company thinks are "state-sponsored" hackers, meaning the attackers were sponsored by a foreign government.

At the moment, the attackers do not have access to Yahoo's network any longer. The data copy seems to have surfaced in the Darknet and is being sold there, this is obviously how Yahoo got to know of the attack.

Yahoo has taken the following security measures:

  • Affected users will be notified. The content of the email Yahoo is sending to those users will be available at Yahoo states that users should be aware that there might be phishing attempts and that the original email from Yahoo will not ask them to click any links.
  • Potentially affected users should promptly change their passwords and adopt alternate means of account verification, e.g. the Yahoo account key.
  • Unencrypted security questions and answers have been invalidated, so they cannot be used to access an account.
  • All users who haven’t changed their passwords since 2014 should do so.
  • Users should keep an eye on their account and not click links in any suspicious-looking email.

Further information is available at this site.


static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Florian Wimmer, 2016-09-23 (Update: 2016-09-23)