- How to live stream the 2020 Grammy Awards Today 7:00 AM
- Technology created deepfakes—does it have a way to stop them, too? Today 6:30 AM
- SESTA-FOSTA is ‘detrimental’ to sex workers’ safety, study confirms Today 6:00 AM
- Jeff Bezos’ girlfriend allegedly sent his nudes to her brother, who then leaked them Saturday 6:38 PM
- This Instagram account catches influencers in the wild Saturday 5:42 PM
- The best upcoming video games to look out for in February 2020 Saturday 5:23 PM
- TikTok teens use AirPods and Google Translate to secretly talk in class Saturday 4:32 PM
- Video shows corpses of coronavirus victims lying in China hospital Saturday 3:44 PM
- Kid meets Slipknot after drumming video goes viral Saturday 2:30 PM
- Channing Tatum responds to troll who tried to compare Jenna Dewan and Jessie J’s looks Saturday 1:46 PM
- Grindr pulls an ‘I don’t know her’ after Eminem suggests he uses the app Saturday 12:48 PM
- Here are the top 10 most popular Instagram models in 2020 Saturday 12:21 PM
- ‘The Chilling Adventures of Sabrina’ takes its characters on a fantasy adventure to Hell in season 3 Saturday 11:37 AM
- Woman no longer in sorority, school after racist MLK post Saturday 10:45 AM
- Netflix’s ‘Miss Americana’ starts to deconstruct the myth of Taylor Swift Saturday 10:32 AM
Still have a Yahoo account? You’ve probably been hacked—again.
Yahoo on Wednesday afternoon revealed that hackers made off with the user data of more than 1 billion accounts.
The breach occurred in August 2013, according to Yahoo, and is believed to be separate from an earlier intrusion, revealed in September and believed to have been carried out by a state actor, that exposed the accounts of more than 500 million user accounts.
Yahoo says it has not yet been able to identify how the breach of 1 billion user accounts took place.
Yahoo says the data may include “names, email addresses, telephone numbers, dates of birth, hashed passwords … and, in some cases, encrypted or unencrypted security questions and answers.” The company says “passwords in clear text, payment card data, or bank account information” are not believed to be included in the stolen data.
Separately, Yahoo says it discovered efforts to use forged cookies—small bits of data stored in a user’s browser—which the company says is linked to activity carried out by “the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016.”
Yahoo’s chief information security officer Bob Lord wrote in a blog post that the company is taking steps to secure affected users.
We are notifying potentially affected users and have taken steps to secure their accounts, including requiring users to change their passwords. We have also invalidated unencrypted security questions and answers so that they cannot be used to access an account. With respect to the cookie forging activity, we invalidated the forged cookies and hardened our systems to secure them against similar attacks. We continuously enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.
Further, Yahoo suggests users “review all of their online accounts for suspicious activity and to change their passwords and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account.”
In fact, it may be time to ditch that Yahoo account altogether.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.