Officially the largest breach announced publicly
A
massive password breach happened in 2014. Information from at least 500
million Yahoo accounts was stolen from the company in 2014. It was
officially announced yesterday i.e. on 22nd September.
State-sponsored
hackers might me responsible for what may be the largest-ever theft of
personal user data, as said by the company.
According
to the company, it said that the hackers penetrated it’s network in
late 2014 ans stole personal data of 500 million users.
According to the company the stolen data includes :-
1.) names
2.) Email Addresses
3.)Telephone numbers
4.) dates of birth and
5.)Encrypted passwords.
According to the wallstreet Journal the breach at yahoo is believed to be largest ever publicly disclosed by a company.
Who’s Affected :-
Despite
the enormous number of people affected by this breach, the biggest
victim may be yahoo itself. This is because it is trying to make a deal
to sell itself to verizon for almost 4.8 billion dollars. Now due to
this details, the share price may fall rapidly.
But is said that it reset the passwords of affected users and begun the process of notifying victims by email.
How Serious is This?
The
most serious problem for Yahoo users would be if the cryptographically
hashed passwords exposed in the hack can be cracked and used. Yahoo
stated that the “vast majority” of its passwords had been encrypted with
the bcrypt hashing scheme, which is believed to be relativelt tough for
hackers to decipher. But details of Yahoo’s hashing scheme and the
fraction of leaked passwords that use it aren’t clear.
Yahoo
has warned victims of the breach to be wary of “unsolicited
communications that ask for your personal information or refer you to a
web page asking for personal information.” The leak provides a bounty of
leads for both text-message and email-based phishing schemes that trick
users into giving up more information.
But the
most damaging aspect of the affair may yet turn out to be its timing:
Yahoo’s buyout deal is set to become a test case of whether a massive
corporate sale can weather an equally massive hacking debacle.
How to identify whether you are hacked:-
Yahoo
has 1 billion monthly active users on its services overall and just 225
million monthly active users for its Yahoo Mail service, according to
figures the company gave CNET in June.
So check
the email affiliated with your Yahoo account if you haven't already.
Yahoo has started sending out notifications to users, and you should be
receiving one at that account if you were affected by the data breach.
Prevention :-
Change your password
Yahoo
is recommending that people who haven't changed their password since
2014 do so now. The company says the passwords that hackers stole were
encrypted -- scrambled up with a tool called bcrypt. This kind of
encryption can potentially be broken with enough persistence.
Ask yourself, 'Did I use this password somewhere else?'
It's
a common habit. Use the same password for lots of different accounts.
If this breach has anything to teach you, it's that this is a terrible
idea.
If you recycled your Yahoo password on a
different account, go change your password on that account too. The
hackers who have your password could easily try it on a whole bunch of
different websites -- think bank websites or health insurance websites
-- to try to access information beyond your Yahoo account.
Delete old accounts you don't use
While
you're thinking about all the accounts you have out there, ask yourself
why you even have them. If you don’t use better delete them.
Courtesy : Quora
No comments:
Post a Comment