Visitors Now:
Total Visits:
Total Stories:
Profile image
By SiteProNews (Reporter)
Contributor profile | More stories
Story Views

Now:
Last Hour:
Last 24 Hours:
Total:

Yahoo Admits it Knew About 2014 Hack of 500M Accounts Two Years Ago

Thursday, November 10, 2016 13:10
% of readers think this story is Fact. Add your two cents.

(Before It's News)

Yahoo today admitted to knowing two years ago about the 2014 breach of its systems that resulted in the hack of some 500 million of its users’ accounts.

In a filing with the SEC, Yahoo said an internal review — led by an independent Committee of the Board that was advised by independent counsel and a forensic expert — has revealed that some Yahoo employees were aware as of late 2014 that a “state-sponsored” entity had accessed its network, but they were unaware of the extent of the damage at the time.

“The Company had identified that a state-sponsored actor had access to the Company’s network in late 2014,” the filing reads. “An Independent Committee of the Board, advised by independent counsel and a forensic expert, is investigating, among other things, the scope of knowledge within the company in 2014 and thereafter regarding this access, the Security Incident, the extent to which certain users’ account information had been accessed.”

Yahoo said it is investigating if the cyber-attackers planted cookies to allow them to access user account data without a password. The filing also revealed the authorities had this week received new information related to the hack.

Police, on Nov. 7, “began sharing certain data that they indicated was provided by a hacker who claimed the information was Yahoo user account data. Yahoo will, with the assistance of its forensic experts, analyze and investigate the hacker’s claim that the data is Yahoo user account data,” reads the filing.

The company did not publicly announce the breach of its systems had occurred until September of this year. Yahoo said at that time it had begun an investigation a  few months ago into the breach when a supposed hacker, known as Peace, began bragging about  scoring hundreds of millions of Yahoo usernames and passwords to sell on the dark Web. It is not thought that ‘Peace’ is part of the alleged sate-sponsored attack that managed to filch names, e-mail addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.

The breach was announced just a few months after Verizon agreed to acquire Yahoo’s Internet business for $4.83 billion in cash. It is not known if news of the breach will impact the deal. If the deal closes on schedule, it will be in the first quarter of 2017.


avatar

Jennifer Cowan is the Managing Editor for SiteProNews.

The post Yahoo Admits it Knew About 2014 Hack of 500M Accounts Two Years Ago appeared first on SiteProNews.

Report abuse

Comments

Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories

Register

Newsletter

Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.