×
You will be redirected back to your article in seconds

Yahoo Now Says Info From Over 1 Billion User Accounts Was Stolen in 2013

Yahoo disclosed an even more massive security breach — saying that data from more than 1 billion user accounts was stolen by an unknown party in 2013 — than the one it revealed in September.

The major revelations that hackers have preyed on Yahoo’s weak security systems poses a threat to Verizon’s $4.8 billion proposed acquisition of the internet company. The security breaches could lead the telco to negotiate the price down, or even abandon the deal altogether.

Asked for comment, a Verizon spokesman said, “As we’ve said all along, we will evaluate the situation as Yahoo continues its investigation. We will review the impact of this new development before reaching any final conclusions.”

The 2013 incident is easily the biggest security breach on record. Yahoo said in September that information on at least 500 million email accounts was stolen by “state-sponsored” hackers in 2014. According to Verizon, it had only been informed of the scope of the breach two days prior to Yahoo’s Sept. 22 announcement. Subsequently, Verizon general counsel Craig Silliman said the disclosure represented a “material” event, which could prompt the terms of the deal to be renegotiated.

The 1 billion-plus accounts hacked in August 2013 were “likely distinct” from the previously reported breach, Yahoo said, although it said it has connected some of the activity in the 2013 incident to the same hacker or hackers thought to be behind the 2014 breach. The company said it discovered the larger hack after reviewing data files provided by law enforcement and analyzed them with the assistance of outside forensic experts and found that it appeared to be Yahoo user data.

According to Yahoo, the user account information stolen in 2013 may have included: names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers. “The investigation indicates that the stolen information did not include passwords in clear text, payment card data, or bank account information,” the company said. Yahoo also said users’ payment card data and bank account information are not stored in the system it believes was compromised.

Based on its ongoing investigation, Yahoo said, it believes an unauthorized third party accessed the company’s proprietary code to learn how to forge cookies — which web browsers use to track users — and that could have allowed an intruder to access user accounts without a password. Yahoo is notifying affected account holders, and has invalidated the forged cookies.

Previously, experts said Yahoo’s costs associated with the security breach will run into the tens of millions of dollars. The security breach disclosed in September has already led to at least 23 proposed class-action lawsuits by users who claim they were affected.

Popular on Variety

More Digital

  • Neilsons Measurment Problems TV Digital

    AT&T's Ad-Tech Unit Xandr Buys Clypd To Help Place TV Commercials More Precisely

    Xandr, the AT&T ad-technology unit, has purchased a new company that helps advertisers use data to place commercials in front of the audiences most likely to want to watch them The AT&T division said Friday it had acquired clypd, a company that helps advertisers move forward in a growing desire by Madison Avenue to run [...]

  • AT&T Logo Building

    AT&T TV Now Price Hike Coming Next Month, Base Package to Cost $65

    AT&T is instituting a substantial price hike for its live TV streaming service AT&T TV Now: Customers who have subscribed to the service’s basic “Plus” package will see their bill go up by $15, to a total of $65 per month, starting next month. The telco has started to inform existing subscribers about the price [...]

  • Disney-Family-Movies

    Disney Family Movies SVOD Service Is Shutting Down Ahead of Disney Plus Debut

    After 11 years, Disney is pulling the plug on Disney Family Movies On Demand — with the service’s shutdown coming just days before the launch of the Mouse House’s Disney Plus. Disney Family Movies, which cost between $5-$10 per month, has been available via pay-TV providers in the U.S., including Comcast Xfinity, Charter Communications, Verizon [...]

  • Amazon Orders ‘All or Nothing: Tottenham

    Amazon Orders ‘All or Nothing: Tottenham Hotspur’ Soccer Doc Series

    Amazon has greenlit a new “All or Nothing” sports documentary series, this time following London-based soccer team Tottenham Hotspur. “All or Nothing: Tottenham Hotspur” will follow a year in the life of the team, charting the ongoing 2019-20 season. The squad made it to the final of the European Champions League last year, losing to [...]

  • Jeffrey Katzenberg

    Jeffrey Katzenberg's Quibi Picks T-Mobile as Wireless Launch Partner

    Quibi, the short-form mobile TV service founded by Jeffrey Katzenberg, announced a pact with T-Mobile to be the official telecommunications partner for its April 2020 launch. T-Mobile will be the exclusive wireless distributor when Quibi launches next spring. However, the arrangement doesn’t mean only T-Mobile customers will be able to subscribe to Quibi: Anyone will [...]

  • Steve Kornacki

    Steve Kornacki, Chris Matthews Stand at Center of New NBC News Podcasts

    After vowing to press ahead more directly into the world of podcasts, NBC News is readying the launch of three additional audio shows centered around politics. “Article II: Inside Impeachment” will help listeners understand the impeachment process. The program, new episodes of which are slated to debut Mondays, Wednesdays and Fridays as people head for [...]

More From Our Brands

Access exclusive content