For several years now, we’ve been warning Yahoo users against using Yahoo services, because of lax security and, in our opinion, failing to update hardware and software to protect its users from privacy violations. Now it comes to light that a half-billion Yahoo users have had their Yahoo accounts hacked.
Here’s the story from The Washington Post:
Yahoo says hackers stole info from 500 million user accounts
SAN FRANCISCO — Yahoo said hackers stole personal information from 500 million of its user accounts, a massive security breakdown it attributed to a “state sponsored actor.” The breach disclosed Thursday, the latest setback for the beleaguered internet company, dates back to late 2014.
That’s when high-tech thieves hacked into Yahoo’s data centers, the company said. But Yahoo only recently discovered the break-in as part of an ongoing internal investigation.
The stolen data includes users’ names, email addresses, telephone numbers, birth dates, hashed passwords, and the security questions — and answers — used to verify an accountholder’s identity.
Last month, the tech site Motherboard reported that a hacker who uses the name “Peace” boasted that he had account information belonging to 200 million Yahoo users and was trying to sell the data on the web.
Yahoo recommends that users change their passwords if they haven’t done so since 2014. The Sunnyvale, California, company said its investigation so far hasn’t found any evidence that information about users’ bank accounts or credit and debit cards were swiped in the hacking attack. It said it has “no evidence” that the attacker is still in Yahoo’s network.
News of the security lapse could cause some people to have second thoughts about relying on Yahoo’s services, raising a prickly issue for the company as it tries to sell its digital operations to Verizon Communications for $4.8 billion…