What will be the consequences of the massive data breach at Yahoo affecting 500 million accounts?

An investigation by Yahoo confirmed that personal information linked with at least 500 million user accounts was stolen.

This is due to a data breach which took place in the last months of 2014. The stolen information included names, email addresses, dates of birth, telephone numbers, some passwords, and also a number of security questions & answers. Yahoo also stated that card payment and bank account information was not stolen.

Yahoo is now recommending users to change their passwords if they haven’t changed them after 2014.

All this comes at an uncomfortable time for Yahoo as it is in the middle of selling its digital operations to Verizon Communications for $4.8 billion.

Consequences:-

• As Verizon doesn't know much about the data breach, the company wants to evaluate every detail of the breach and its investigation.

“We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities,” the company said in a statement.

• This news could slow things down in regards to the Verizon-Yahoo deal as the deal doesn't close until next year.
• The breach would cause trouble for the both companies: adversing press, regulator inspections and the major user base creating a fuss.

Analyst Robert Peck of SunTrust Robinson Humphrey said the breach wasn't seemingly enough to make Verizon abandon its deal with Yahoo, but it could call for a price decrease of $100 million to $200 million, depending on how many users leave Yahoo.

Steven Caponi, an attorney at K&L Gates with a practice including merger litigation, said that Yahoo's breach could fall under the "material adverse change", clause common in mergers allowing a buyer to walk away if its target's value decreases.

"That would give Verizon the opportunity to renegotiate the terms or potentially walk away from the transaction if it is a material change. Whether it is a material change will depend in large part on what kind of information was compromised," Caponi said.

Courtesy : Quora 

What are the key details behind the Yahoo! password breach?

Officially the largest breach announced publicly

A massive password breach happened in 2014. Information from at least 500 million Yahoo accounts was stolen from the company in 2014. It was officially announced yesterday i.e. on 22nd September.

State-sponsored hackers might me responsible for what may be the largest-ever theft of personal user data, as said by the company.

According to the company, it said that the hackers penetrated it’s network in late 2014 ans stole personal data of 500 million users.

According to the company the stolen data includes :-

1.) names

2.) Email Addresses

3.)Telephone numbers

4.) dates of birth and

5.)Encrypted passwords.

According to the wallstreet Journal the breach at yahoo is believed to be largest ever publicly disclosed by a company.

Who’s Affected :-

Despite the enormous number of people affected by this breach, the biggest victim may be yahoo itself. This is because it is trying to make a deal to sell itself to verizon for almost 4.8 billion dollars. Now due to this details, the share price may fall rapidly.

But is said that it reset the passwords of affected users and begun the process of notifying victims by email.

How Serious is This?

The most serious problem for Yahoo users would be if the cryptographically hashed passwords exposed in the hack can be cracked and used. Yahoo stated that the “vast majority” of its passwords had been encrypted with the bcrypt hashing scheme, which is believed to be relativelt tough for hackers to decipher. But details of Yahoo’s hashing scheme and the fraction of leaked passwords that use it aren’t clear.

Yahoo has warned victims of the breach to be wary of “unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.” The leak provides a bounty of leads for both text-message and email-based phishing schemes that trick users into giving up more information.

But the most damaging aspect of the affair may yet turn out to be its timing: Yahoo’s buyout deal is set to become a test case of whether a massive corporate sale can weather an equally massive hacking debacle.

How to identify whether you are hacked:-

Yahoo has 1 billion monthly active users on its services overall and just 225 million monthly active users for its Yahoo Mail service, according to figures the company gave CNET in June.

So check the email affiliated with your Yahoo account if you haven't already. Yahoo has started sending out notifications to users, and you should be receiving one at that account if you were affected by the data breach.

Prevention :-

Change your password

Yahoo is recommending that people who haven't changed their password since 2014 do so now. The company says the passwords that hackers stole were encrypted -- scrambled up with a tool called bcrypt. This kind of encryption can potentially be broken with enough persistence.

Ask yourself, 'Did I use this password somewhere else?'

It's a common habit. Use the same password for lots of different accounts. If this breach has anything to teach you, it's that this is a terrible idea.

If you recycled your Yahoo password on a different account, go change your password on that account too. The hackers who have your password could easily try it on a whole bunch of different websites -- think bank websites or health insurance websites -- to try to access information beyond your Yahoo account.

Delete old accounts you don't use

While you're thinking about all the accounts you have out there, ask yourself why you even have them. If you don’t use better delete them.

Courtesy : Quora