Remember back in September, when Yahoo announced that 500 million accounts were compromised in a security breach? That’s peanuts.
Today, the company disclosed a breach dating back to August 2013 that appears to have affected 1 billion accounts.
The stolen account information does not appear to have included credit-card data, bank account information, or passwords in clear text, Lord writes. But it might have included dates of birth, telephone numbers, hashed passwords, and some unencrypted security answers.
Breaches get announced all the time — hey, look, Quest Diagnostics disclosed one this week — but Yahoo’s are notable because of their sheer size.
Moreover, Yahoo is in the process of getting acquired by Verizon. It’s yet to be seen how these breaches might affect the $4.8 billion deal.
The breach disclosed in September had taken place in 2014. To make matters worse, Yahoo revealed in an SEC filing that it had discovered the breach — likely the work of a state-sponsored actor, according to the company — in 2014 but didn’t disclose it until this year.
Photo: Becks on Flickr. CC2.0 license. Photo has been cropped.