Yahoo’s latest admission seems to be the largest public disclosure of a cyber-attack in history.
Yahoo Confesses To Cyber-Breach That Hit 500 Million Users
The internet company said that the cyber breach touched on large amounts of personal information including users’ names and emails, and encrypted security questions and answers.
Although the breach happened in 2014, Yahoo has only now publicly disclosed it and the FBI have confirmed that investigations are underway.
Yahoo however said that the hack did not touch on credit card data.
The firm further pointed out that it believed that the information was stolen by actors sponsored by a state but did not point fingers at any country.
In August, there was news of a potential attack on Yahoo when a hacker group calling itself ‘Peace’ was alleged to be planning to sell information on 200 million users.
The technology firm has confirmed that the hack was by far more extensive than previously thought.
Following the news, Yahoo is urging all users to change their passwords if they have not done so in the past two years.
In the UK internet service providers BT and Sky warned customers, that the Yahoo breach may affect them given that Yahoo is the email service provider for both ISPs.
In July, telecoms giant Verizon bought Yahoo for $4.8 billion.
In a statement, Verizon said it had little information on the matter.
Yahoo said, “Online breaches by state-sponsored agents are becoming very common in the technology industry.”
According to reports by Reuters, three anonymous US intelligence persons were recorded as saying that they had enough reasons to believe that the hack was state-sponsored as it resembled past attacks linked to intelligence agencies in Russia.