Yahoo is getting ready to confirm a historic hack affecting 200 million users

Advertisement

Marissa Mayer Yahoo

Getty/Kimberly White

Yahoo CEO Marissa Mayer.

Yahoo is getting ready to confirm a huge, historic hack affecting 200 million users, Recode reports.

Advertisement

Back in August, Motherboard's Joseph Cox reported that 200 million apparent Yahoo user credentials were being sold on the dark web. At the time, the company's response was only that it was "aware of [the] claim."

But now Kara Swisher, one of the tech industry's most-respected journalists, is reporting for Recode that Yahoo sources tell her the company is preparing to publicly confirm its existence. (Her sources did not confirm its exact size, only that it was "widespread" and serious.")

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

Yahoo did not immediately respond to Business Insider's request for comment.

Motherboard was told by the hacker who held the data (and was selling it for 3 bitcoins, worth $1,860 at the time) that the breach was back in 2012 - but it was never made public. Data included usernames, encrypted passwords, date-of-births, and some email addresses.

Advertisement

Recently, there has been a spate of historic data breaches affecting millions of users coming to light - including LinkedIn, MySpace, and Tumblr. If user passwords are unencrypted (or not encrypted properly), hackers can then use this login data to break into individual user accounts - and often, because people re-use passwords across multiple sites, they can use it to break into their accounts on other sites as well.

We saw multiple high-profile demonstrations of this problem this summer, as celebrities and public figures including Mark Zuckerberg and Drake had their Twitter accounts broken into. Twitter wasn't hacked - but the victims had re-used passwords they had also used on websites that were.

This new attention on the alleged breach comes at an awkward time for Yahoo. The tech company is in the process of a $4.8 billion (£3.7 billion) sale of its core business to Verizon, after years of flagging fortunes.

There's nothing ordinary users can do to prevent these kinds of breaches - but by using a strong, unique password on each site or service you have an account on (managing those passwords with a password manager app if necessary), then it means that if one of your account is breached, the rest aren't too.