Yahoo confirms major breach that could be the largest hack of all time

        Yahoo revealed a massive data breach of its services on
        Thursday.  Yahoo "has confirmed that a copy of certain user
        account information was stolen from the company's network in
        late 2014 by what it believes is a state-sponsored actor," the
        company posted on its investor relations page.  The stolen
        data include names, email addresses, telephone numbers,
        birthdays, hashed passwords, and some "unencrypted security
        questions and answers."  Yahoo believes that "at least" 500
        million user account credentials were stolen, which would make
        it the biggest breach of all time, bigger than the MySpace
        breach of 427 million user accounts.

 - - -

Note the part about "unencrypted security questions and answers." The
continued use of security questions is a scourge on security, even for
people who (as I generally recommend) provide different fake answers
to those questions at different sites, rather than the real answers to
those common questions that could subvert their security later.

Care About Science and Tech? Our Job One: STOP TRUMP:
 - - -
Lauren Weinstein ( 
Lauren's Blog:
Founder: Network Neutrality Squad: 
         PRIVACY Forum:
Co-Founder: People For Internet Responsibility:
Member: ACM Committee on Computers and Public Policy
Tel: +1 (818) 225-2800
I have consulted to Google, but I am not currently 
doing so -- my opinions expressed here are mine alone.
 - - -
The correct term is "Internet" NOT "internet" -- please don't 
fall into the trap of using the latter. It's just plain wrong!
nnsquad mailing list

Reply via email to