Yahoo says all 3 billion accounts hacked in 2013 data theft
["china"]
Tripling its earlier estimate, Yahoo announced on Tuesday that all three billion of its accounts were hacked in a 2013 data theft. The size of the cyber attack makes it the largest breach in history and has already spawned a nationwide lawsuit. 
Yahoo said last December that data from more than one billion user accounts was compromised in 2013, the largest of a series of thefts that forced Yahoo to cut the price of its assets in a sale to Verizon Communications, its current owner.
Yahoo on Tuesday said “recently obtained new intelligence” showed all user accounts had been affected. However, the company said the investigation indicated that the stolen information did not include passwords in clear text, payment card data, or bank account information.
‍Yahoo said that all three billion of its accounts were compromised in a 2013 data theft on Tuesday. /AFP Photo

‍Yahoo said that all three billion of its accounts were compromised in a 2013 data theft on Tuesday. /AFP Photo

Verizon in February lowered its original offer by 350 million US dollars for Yahoo assets in the wake of two massive cyber attacks at the Internet company.
In August, US Judge Lucy Koh in San Jose, California, ruled Yahoo must face nationwide litigation brought on behalf of well over one billion users who said their personal information was compromised in the three breaches.
“Judge Koh had asked us to provide additional facts to support what we knew about the 2013 breach. I think we have those facts now,” said John Yanchunis, a lawyer representing some of the Yahoo users.
The closing of the Verizon deal in June had been delayed as the companies assessed the fallout from two data breaches that Yahoo disclosed last year. The company paid 4.48 billion US dollars for Yahoo’s core business.
Verizon paid 4.48 billion US dollars for Yahoo's core business. /Reuters Photo

Verizon paid 4.48 billion US dollars for Yahoo's core business. /Reuters Photo

A Yahoo official emphasized Tuesday that the three billion figure included many accounts that were opened but that were never, or only briefly, used.
The company said it was sending email notifications to additional affected user accounts.
The new revelation follows months of scrutiny by Yahoo, Verizon, cybersecurity firms and law enforcement that failed to identify the full scope of the 2013 hack.
The investigation underscores how difficult it was for companies to get ahead of hackers, even when they know their networks had been compromised, said David Kennedy, chief executive of cybersecurity firm TrustedSEC LLC.
Companies often do not have systems in place to gather up and store all the network activity that investigators could use to follow the hackers’ tracks.
“This is a real wake up call,” Kennedy said. “In most guesses, it is just guessing what they had access to.”
Source(s): Reuters