Today, Verizon has officially announced that a major data breach in the year 2013 effectively breached all of Yahoo’s accounts at the time.
Verizon has announced that a major data breach in 2013 effectively encompassed all of Yahoo’s accounts, numbering 3 billion at the time. Verizon made the announcement via a statement to Oath.com, which contradicts the initial statement made by Yahoo back then. At the time, the company said that 1 billion accounts had been breached.
“Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft. While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts. The investigation indicates that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information. The company is continuing to work closely with law enforcement.”
It has been confirmed since the attack that the breach resulted in important information being leaked, including names, addresses, birth dates, email addresses, passwords, telephone numbers, and more. However, it is still not believed that the breach led to other sensitive information, including credit and debit card information, or bank account information, was reached.
As part of the statement, Verizon says it is committed to the security of its customers:
“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, Chief Information Security Officer, Verizon. “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”
Was your account breached in the Yahoo attack?[via Oath]