Recently Oath, owner of Yahoo, and a subsidiary of Verizon revealed that the biggest known cyber data breach ever recorded in the history of humankind was larger than Yahoo initially announced. As you may remember back in 2013 Yahoo suffered a cyber-attack – approximately one billion accounts were affected. Even though that it took Yahoo more than two full years to release the information about the data breach to the public, further investigation by the current owners confirmed that the incident was on a much larger scale. A few days ago, the current owners of Yahoo distributed a notice stating that every single Yahoo account might have been compromised during this very same attack. The total amount of user accounts that Yahoo had at the time was around the three billion mark.
The news is a significant blowback for Verizon as they might have been able to negotiate a better deal when acquiring Yahoo should they knew that the cyber-attack had affected every customer, instead of the initially announced one-third of the accounts. In the notice released earlier today, Chandra McMahon, Chief Information Security Officer at Verizon said;
“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats. Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”
The good news is that this is not a new security issue, Yahoo and Verizon claim that they have done everything possible to secure the accounts of its current users.
Yahoo is currently sending email notifications to the additional affected user accounts. The forensic experts hired by Verizon highlighted the fact that the compromised data is not known to contain passwords in clear texts, nor any banking information such as credit card numbers and bank account details. However, the investigation is still considered as an ongoing matter.
If you are worried that you may be amongst the affected ones, and you hadn’t taken any precautions when the breach was initially reported, check out our top 5 things you should do immediately.
Maybe keep track of verified bank accounts known to be truely registered entities. Like for instance charitable causes.
Of course, this would require a level of transparance, as well as guaranteeing one’s own integrity,