Yahoo Confirms Biggest Data Breach Ever



Multinational technology company Yahoo has confirmed a massive data breach that stole personal information from at least 500 million user accounts around the world.

It’s not yet been confirmed who’s responsible for the attack, but it does raise questions about the ongoing security measures in place at the tech giant.

Yahoo are now alerting users who have been affected by the cyber-attack – which occurred back in 2014 – and are taking steps to protect them moving forward. They have publicly stated they believe that the data breach was carried out by a ‘state-sponsored actor’ known as ‘peace’, but we are yet to learn if this is true.

What information was stolen?

Information connected to at least 500 million user accounts was stolen in this particular breach, which has been reported as the biggest data breach of all time. The information that was stolen includes:

  • Names;
  • Email addresses;
  • Telephone numbers;
  • Dates of birth;
  • Passwords;
  • Encrypted or unencrypted security questions and answers.

Investigations by Yahoo suggests that the stolen information doesn’t include unprotected passwords, payment card information, or bank account details; and that this information is housed securely elsewhere.

Yahoo’s next moves

Affected users are now being alerted by Yahoo via email and have advised to change their passwords and implement alternative means of account verification – alternative security questions, email addresses and phone numbers, etc. Yahoo are also continuing to investigate the cybercrime and are working with law enforcement on the case.

Actions you should take if you’ve been affected

  • Once you’ve changed your Yahoo password, be proactive and change any passwords, security questions and answers on other online accounts – from email to banking;
  • Check over your other accounts for any obvious suspicious activity;
  • Avoid clicking links or downloading attachments from emails that look suspicious;
  • Delete any unsolicited communications asking for any personal information;

Unfortunately, this won’t be the last big data breach that hits the headlines. Even as companies and governments become more sophisticated with their security, so do hackers about breaking it!

Want to learn how your business can avoid being the next victim of a potentially fatal data breach? We have a White Paper dedicated to explaining the importance of ISO 27001, and why the demand for implementing an Information Security Management System is booming!