Yahoo says hackers stole data from 500 million accounts

By Dustin Volz

(Reuters) – Yahoo Inc said on Thursday that at least 500 million of its accounts were hacked in 2014 by what it believed was a state-sponsored actor, a theft that appeared to be the world’s biggest known cyber breach by far.

Cyber thieves may have stolen names, email addresses, telephone numbers, dates of birth and encrypted passwords, the company said. But unprotected passwords, payment card data and bank account information did not appear to have been compromised, signaling that some of the most valuable user data was not taken.

The attack on Yahoo was unprecedented in size, more than triple other large attacks on sites such as eBay Inc, and it comes to light at a difficult time for Yahoo.

Chief Executive Officer Marissa Mayer is under pressure to shore up the flagging fortunes of the site founded in 1994, and the company in July agreed to a $4.83 billion cash sale of its internet business to Verizon Communications Inc.

“This is the biggest data breach ever,” said well-known cryptologist Bruce Schneier, adding that the impact on Yahoo and its users remained unclear because many questions remain, including the identity of the state-sponsored hackers behind it.

On its website on Thursday, Yahoo encouraged users to change their passwords but did not require it.

Although the attack happened in 2014, Yahoo only discovered the incursion after August reports of a separate breach. While that report turned out to be false, Yahoo’s investigation turned up the 2014 theft, according to a person familiar with the matter.

Analyst Robert Peck of SunTrust Robinson Humphrey said the breach probably was not enough to prompt Verizon to abandon its deal with Yahoo, but it could call for a price decrease of $100 million to $200 million, depending on how many users leave Yahoo.

Steven Caponi, an attorney at K&L Gates with a practice including merger litigation, said that Yahoo’s breach could fall under the “material adverse change” clause common in mergers allowing a buyer to walk away if its target’s value deteriorates.

“That would give Verizon the opportunity to renegotiate the terms or potentially walk away from the transaction if it is a material change. Whether it is a material change will depend in large part on what kind of information was compromised,” Caponi said.

Still, it is rare for mergers to fall apart over material changes. Verizon said in a statement it was made aware of the breach within the last two days and had limited information about the matter.

“We will evaluate as the investigation continues through the lens of overall Verizon interests,” the company said.

Shares of Yahoo stock closed a penny higher at $44.15, while shares of Verizon were up about 1 percent.

RISING ATTACKS

The Yahoo breach follows a rising number of other large-scale data attacks and could make it a watershed event that prompts government and businesses to put more effort into bolstering defenses, said Dan Kaminsky, a well-known internet security expert.

Retailers and health insurers have been especially hard hit after high-profile breaches at Home Depot Inc, Target Corp, Anthem Inc and Premera Blue Cross.

“Five hundred of the Fortune 500 have been hacked,” he said. “If anything has changed, it’s that these attacks are getting publicly disclosed.”

Three U.S. intelligence officials, who declined to be identified by name, said they believed the attack was state-sponsored because of its resemblance to previous hacks traced to Russian intelligence agencies or hackers acting at their direction.

Yahoo said it was working with law enforcement on the matter, and the FBI said it was investigating.

“The investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network,” the company said.

While the breach comprised mostly low-value information, it did include security questions and answers created by users themselves. That data could make users vulnerable if they use the same answers on other sites.

A former Yahoo employee said the Q&A were deliberately left unencrypted, which allowed Yahoo to catch fake accounts more easily because fake accounts tended to reuse questions and answers.

News of the massive breach at one of the nation’s largest email providers may fan concern that U.S. companies and government agencies are not doing enough to improve cyber security.

Democratic Senator Mark Warner said in a statement he was “most troubled by news that this breach occurred in 2014, and yet the public is only learning details of it today.”

Technology website Recode first reported Tuesday that Yahoo planned to disclose details about a data breach affecting hundreds of millions of users.

(Reporting by Aishwarya Venugopal in Bengaluru and Dustin Volz in Washington; additional reporting by Jim Finkle in Boston, Lauren Hirsch in New York, and Joseph Menn and Deborah Todd in San Francisco, writing by Alwyn Scott; editing by Peter Henderson and Cynthia Osterman)

Yahoo to provide details on massive data breach

(Reuters) – Yahoo Inc will disclose details this week of a data breach that compromised the data of several hundred million users, technology news site Recode reported on Thursday, citing unnamed sources familiar with the company’s plan.

Reuters was not able to immediately confirm the report.

It was not clear how such a disclosure might affect Yahoo’s plan to sell its email service and other core internet properties to Verizon Communications Inc for $4.8 billion.

Yahoo might have to force users to reset their passwords, the Recode report said, citing unnamed sources.

The report follows an Aug. 1 story in the technology news site, Motherboard, that said a cyber criminal known as Peace was selling the data of about 200 million Yahoo users, but did not confirm its authenticity.

The Motherboard report was published a week after Verizon announced its deal with Yahoo.

Peace was selling that batch of data on the 200 million Yahoo users for 3 bitcoin, or around $1,860, according to Motherboard. The possibly compromised data includes user names, birth dates, some backup email addresses and scrambled passwords, Motherboard said.

(Reporting by Jim Finkle in Boston and Aishwarya Venugopal in Bengaluru; Editing by Ted Kerr and Bernadette Baum)

Yahoo Pulls Pro-Life Ads From Abortion Clinic Searches

Yahoo has followed the lead of Google in making sure women who are considering abortion do not see pro-life options in advertising.

Anti-life groups like NARAL Pro-Choice America filed complaints with Yahoo because ads for pro-life organizations and crisis pregnancy centers would appear when women were searching for abortion clinics. The anti-life groups want to make sure that women seeking an abortion find no other alternative to ending their baby’s life.

“We have found at least some of the ads to be out of compliance with our policies and we are taking them down,” a Yahoo spokesman told CNET. “We’re in the process of reviewing the other ads and will take similar action if any are found to not be in compliance with our policies.”

Anti-life advocates were overjoyed that the choice of giving babies the chance to live was being removed.

“We are pleased that Yahoo has confirmed that some of these deceptive crisis pregnancy center ads violate their advertising policies and stated that they will remove them so that women can continue to trust the search engine for accurate information,” NARAL president Ilyse Hogue said in a statement. “Women making this personal, medical decision should have comprehensive resources and accurate information. … We will work with Yahoo to pinpoint the ads that are masquerading as abortion clinics so they are promptly taken down when they appear.”

British Intelligence Service Spied Using Webcams

A new document from the trove of NSA leaker Edward Snowden shows that the British intelligence services used webcams of Yahoo users to spy on them, including taking nude pictures of users.

The GCHQ ran a program called Optic Nerve between 2008 and 2010 that collected images from Yahoo webcam chats and stored them even if the users in the chats were not considered targets of intelligence operations.

In one six-month period, over 1.8 million Yahoo users were spied on worldwide.

When the Guardian newspaper contacted Yahoo, officials were furious to find out they had been targeted by intelligence services. The company termed the action “a whole new level of violation of our users’ privacy.”

There are no restrictions in British law that would keep GCHQ from tracking Americans and storing information about them without an individual warrant.