Yahoo Announces Another Hack, And It’s Much Worse Than The Last One


When we’re using a ridiculous stock photo of a “hacker” you know that always means the same thing: “Somebody done goofed.” And this time it’s Yahoo. Again. Back in September, Yahoo was expected to confirm a massive data breach of 200 million accounts which took place in 2014, then they announced it was actually 500 million user accounts breached by a state-sponsored actor. *cough*

The earlier breach was uncovered during an investigation just as Yahoo was trying to sell themselves to Verizon for $4.8 billion, a deal which they’re still trying to close and which will become more difficult in light of this week’s news that an even larger breach has taken place.

Yahoo announced on Wednesday that a breach of over 1 billion accounts took place in August of 2013.

“Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. The company has not been able to identify the intrusion associated with this theft. Yahoo believes this incident is likely distinct from the incident the company disclosed on September 22, 2016.”

Luckily, the breach probably doesn’t include credit card data or bank account information, and any passwords breached were hashed. Unfortunately, the breach did expose names, dates of birth, emails, phone numbers, and some unencrypted security questions and answers.

Verizon has not yet officially purchased Yahoo for $4.8 billion, and they have not commented on this new breach. For perspective, Microsoft offered to buy Yahoo back in 2008 for nearly ten times as much — $44.6 billion — and Yahoo rejected the offer. (Somebody done goofed!)

Yahoo’s stock is down nearly two and a half percentage points overnight in after-hours trading as of this writing.

(Via The Wrap)