Yahoo was most recently in the news when the wireless carrier, Verizon, snapped the company up for around $4.6 billion after it failed to turn its fortunes around in the search engine and advertising segments, a deal that is still subject to regulatory approval. Today, Yahoo has made the headlines due to reports surfacing that it suffered a security breach back in 2012, with the details of around 2 hundred million Yahoo users being up for grabs on the dark web. As such, the search company is expected to make an official announcement on the issue sometime this week.
The news comes via Recode, whose sources report that a cybercriminal going by the name of “Peace” announced that he had 200 million Yahoo users credentials available for purchase for a relatively paltry sum of around $1,800. The data includes usernames and passwords, as well as the user’s date of birth and email addresses. While the passwords were said to be encrypted, according to Recode’s sources, they were also easily decrypted.
Yahoo has yet to comment but is said to be making an announcement later this week. It hasn’t, as yet, told its users to log in and change their passwords. This is something that will change if, and when, the company comes clean about the data breach.
It shouldn’t have to be said, but if you are a Yahoo user, your first port of call should be to log in to your Yahoo account and change your password. If you use that same email address and password for other sites (which you really shouldn’t), then you should log into those other accounts and change the password there as well.
Now we wait for Yahoo to make a statement on the data breach to see just how serious it actually is.