500 million accounts. That’s how many were compromised in late 2014 in a data breach Yahoo says was the work of a “state sponsored actor” – that is somebody working on behalf of a foreign government.
More here from the Chicago Tribune:
Computer hackers swiped personal information from at least 500 million Yahoo accounts in what is believed to be the biggest digital break-in at an email provider.
The breach dates back to late 2014, raising questions about the checks and balances within Yahoo — a fallen internet star that has been laying off staff and trimming expenses to counter a steep drop in revenue during the past eight years.
At the time of the break-in, Yahoo’s security team was led by Alex Stamos, a respected industry executive who left last year to take a similar job at Facebook.
Of course one wonders what in the world took so long. Yahoo says no bank or credit card information was compromised but what was taken could be far worse:
The data stolen from Yahoo includes users’ names, email addresses, telephone numbers, birth dates, scrambled passwords, and the security questions — and answers — used to verify an accountholder’s identity. The company said the attacker didn’t get any information about its users’ bank accounts or credit and debit cards.
Security experts say the Yahoo theft could hurt the affected users if their personal information is mined to break into other online services or used for identity theft. All affected users will be notified about the theft and advised how to protect themselves, according to the company.
That’s not good. CEO Marissa Mayer, in the eyes of analysts has not done a bang up job since being appointed CEO in 2012.
This breach could put the sale to Verizon, a deal worth $4.8 billion, in possible jeopardy. Even if the deal goes through, Mayer’s position will likely be in jeopardy. Not that we should feel too sorry for her. If Mayer was terminated by Verizon, she would leave with severance package worth $44 million.