gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
74991 Posts in 13106 Topics by 2619 Members - Latest Member: rjvdmeijden December 06, 2016, 02:07:12 PM
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Attack on Yahoo hit 500 million users
gfx
gfxgfx
 

Author Topic: Attack on Yahoo hit 500 million users  (Read 177 times)

0 Members and 1 Guest are viewing this topic.

Offline DaBees-Knees

  • WMW Team
  • *****
Attack on Yahoo hit 500 million users
« on: September 23, 2016, 06:02:25 AM »
Quote
Yahoo says hackers stole information from about 500 million users in 2014 in what appears to be the largest publicly disclosed cyber-breach in history.[/[/b]

Password change urged

News of a possible major attack on the technology firm emerged in August when a hacker known as "Peace" was apparently attempting to sell information on 200 million Yahoo accounts. Yahoo on Thursday confirmed the breach was far bigger than first thought. The data taken includes names, email addresses, telephone numbers, dates of birth and encrypted passwords. Yahoo recommended all users should change their passwords if they had not done so since 2014.

Questions for Yahoo: Analysis by Dave Lee, BBC North America technology reporter, San Francisco

The nature of the information stolen feels somewhat run of the mill - no payment info, and passwords were encrypted. Good. But the chain of events leading up to this unprecedented announcement gives rise to some incredibly pressing questions for Yahoo. Why did it take so long for them to confirm the hack and its scale? Why did it take them so long to tell users and prompt them to protect themselves?  State-sponsored attacks are typically for political, not financial gain. So why were details reportedly being sold online? What evidence is there that it was state-sponsored?

Verizon, which has agreed to buy Yahoo, said it had not been told until a couple of days ago - why not? And why is Marissa Mayer, a chief executive who has presided over bad deals and now the biggest breach in internet history, still in charge? Verizon told the BBC it had learned of the hack "within the last two days" and said it had "limited information" The company added: "We will evaluate as the investigation continues through the lens of overall Verizon interests, including consumers, customers, shareholders and related communities. "Until then, we are not in position to further comment."

Yahoo said in a statement: "Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry."

Reuters reported three unnamed US intelligence officials as saying they believed the attack was state-sponsored because it was similar to previous hacks linked to Russian intelligence agencies.

Nikki Parker, vice-president at security company Covata, said: "Yahoo is likely to come under intense scrutiny from regulators, the media and public and rightly so. Corporations can't shy away from data breaches and they must hold their hands up and show that they are committed to resolving the problem." She added: "Let's hope the ink is dry on the contract with Verizon."

Questions are being asked about the length of time it took Yahoo to fully acknowledge the breach. "It is really worrying that a breach from 2014 can have gone undetected for so long," said Prof Alan Woodward from the University of Surrey. "It is also surprising the public statement took so long to appear.
quote]

[/It happened two years ago and now they tell us !!! As regards password changes there's an old saying that comes to mind, "Closing the stable door after the horse has bolted".b]

Full article at http://www.bbc.co.uk/news/world-us-canada-37447016

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Attack on Yahoo hit 500 million users
« Reply #1 on: September 23, 2016, 06:18:15 AM »
Thankfully I have always seen email as an insecure medium and treated it accordingly, I don't use it and when i have had to set up any accounts they are filled with junk data to endure nothing is lost of strategic value, in this day and age its still surprising to hear of such major losses of folks private data but doubtless we can look forward to further releases due to the poor security model of cloud computing,

Online data is simply insecure, remember that and your fine.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
Re: Attack on Yahoo hit 500 million users
« Reply #2 on: September 24, 2016, 08:02:58 AM »
@GS
email -is- a secure medium if you know how to treat it... for one, use a program not a webmail interface... set the program to delete messages from the server once they are downloaded, and use PGP for the stuff you only want the target to know... oh and make sure to use TLS for d/ling & u/ling your mail...

hushmail.com i believe is a provider the paranoid tend to use for email.. it costs but it is a business grade service with a home use option...

what gets me is the prevalent use of MSN messenger amongst the MX crowd, even by you GS, which not only doesnt encrypt messages and data but actively monitors it... AIM YIM ICQ(which is also AIM depending on what version) have all been caught peeking as well... ...granted you can use OTR but thats the same idea as using PGP...

the postal service isnt secure either (in any country) for those who do it oldschool..

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Attack on Yahoo hit 500 million users
 

gfxgfx
gfx
©2005-2016 WinMXWorld.com. All rights reserved.
SMF 2.0.12 | SMF © 2016, Simple Machines
Page created in 0.05 seconds with 23 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!