Friday, February fourteenth, the   UN says at least 22 people have been killed in a village in the Northwest region of Cameroon. Over half of those killed were children. No one has claimed responsibility for Friday’s incident but the opposition parties blame the killing on the government.

Yahoo says "state-sponsored" hackers stole data on about 500 million users

Yahoo says "state-sponsored" hackers stole data on about 500 million users in what could be the largest publicly disclosed cyber-breach in history.


The breach included swathes of personal information, including names and emails, as well as “unencrypted security questions and answers”.

The hack took place in 2014 but has only now been made public.

In the UK it is believed data on about eight million user accounts was taken in the hack

Stolen data includes names, email addresses, telephone numbers, dates of birth and encrypted passwords, but not credit card data, Yahoo said.

It said the information was "stolen by what we believe is a state-sponsored actor" but did not say which country it held responsible.

The FBI has confirmed it is investigating the claims.

Password change urged

News of a possible major attack on the technology firm emerged in August when a hacker known as "Peace" was apparently attempting to sell information on 200 million Yahoo accounts.

On Thursday, Yahoo confirmed the breach was far bigger than first thought

Yahoo is recommending all users should change their passwords if they have not done so since 2014.

In the UK, ISPs Sky and BT issued warnings for customers that they may be affected by the breach as Yahoo provides email services for both ISPs.

Sky estimates that it had about 2.5 million Sky.com email account holders at the time of the breach. It said not all were affected but would advise everyone with a Sky.com email account to update their password.

BT said it was carrying out its own investigation but advised the "minority" of its customers who use Yahoo mail to change their passwords.

The nature of the information stolen feels somewhat run-of-the-mill - no payment info, and passwords were encrypted. Good. But the chain of events leading up to this unprecedented announcement gives rise to some incredibly pressing questions for Yahoo.

Why did it take so long to confirm the hack and its scale? Why did it take so long to tell users and prompt them to protect themselves?

State-sponsored attacks are typically for political, not financial gain. So why were details reportedly being sold online? What evidence is there that it was state-sponsored?

Verizon, which has agreed to buy Yahoo, said it had not been told until a couple of days ago - why not? And why is Marissa Mayer, a chief executive who has presided over bad deals and now the biggest breach in internet history, still in charge?


Comments

Popular posts from this blog

Witchdoctors and soothsayers promote promiscuity in Malawi