More Yahoo’s-fucking-up news, and it’s another hack. It’s like every week with this shit…
In late September, Yahoo got into trouble for finally copping to an email hack which took place in 2014 which put over 500 million users at risk. A couple weeks later, we found out that Yahoo essentially rolled out the red carpet for the government to go through Yahoo users personal information. Then we found out that there were employees at Yahoo who had knowledge of the hack all the while.
Now Yahoo reports that it’s all even worse than we thought. The company revealed on Dec. 14 that their may have been an additional hack to the one which has put their Verizon deal in peril.
The latest hack, which apparently will affect over a billion users, apparently took place in August 2013. Even more troubling, however, is the fact that, up to know, Yahoo apparently has no idea how the data was stolen.
Yahoo’s chief information security officer Bob Lord: “We have not been able to identify the intrusion associated with this theft. The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.”
Yahoo does not provide automatic password resets for user accounts affected by breaches, but has urged “potentially affected users” to change their passwords.
All this has, as you can imagine, done wonders for the prospects of the Verizon deal: the proposed $4.8 billion sale of its core business to Verizon officially came into jeopardy last month. In an SEC filing last month, Verizon noted that they may change the terms of the merger of end talks outright “as a result of facts relating to the Security Incident”.
Add another “security incident” on top of that, and things don’t look great for the former silicon-valley golden child.